From 4378a822c0f819edb40d6903a9fa363d7c72c84d Mon Sep 17 00:00:00 2001 From: "agl@chromium.org" Date: Wed, 8 Jul 2009 01:15:14 +0000 Subject: Linux: SUID sandbox support * Make processes dumpable when they crash. * Find crashing processes by searching for a socket inode, rather than relying on SCM_CREDENTIALS. The kernel doesn't translate PIDs between PID namespaces with SCM_CREDENTIALS, so we can't use the PID there. * Use a command line flag to the renderer to enable crash dumping. Previously it tried to access the user's home directory for this information. * Search for a sandbox helper binary and, if found, use it. * Include the source for a sandbox helper binary. It's currently not built by default. http://codereview.chromium.org/149230 R=evan,markus BUG=8081 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@20110 0039d316-1c4b-4281-b951-d872f2087c98 --- chrome/common/chrome_switches.cc | 5 +++++ chrome/common/chrome_switches.h | 2 ++ 2 files changed, 7 insertions(+) (limited to 'chrome/common') diff --git a/chrome/common/chrome_switches.cc b/chrome/common/chrome_switches.cc index 453426d..83fcc82 100644 --- a/chrome/common/chrome_switches.cc +++ b/chrome/common/chrome_switches.cc @@ -532,6 +532,11 @@ const wchar_t kEnableMonitorProfile[] = L"enable-monitor-profile"; // still experimental. const wchar_t kEnableXSSAuditor[] = L"enable-xss-auditor"; +// A flag, generated internally by Chrome for renderer command lines (Linux +// only). It tells the renderer to enable crash dumping since it cannot access +// the user's home directory to find out for itself. +const wchar_t kRendererCrashDump[] = L"renderer-crash-dumping"; + // Enables the new Tabstrip on Windows. const wchar_t kEnableTabtastic2[] = L"enable-tabtastic2"; diff --git a/chrome/common/chrome_switches.h b/chrome/common/chrome_switches.h index 9ba2999..d4e65af 100644 --- a/chrome/common/chrome_switches.h +++ b/chrome/common/chrome_switches.h @@ -203,6 +203,8 @@ extern const wchar_t kEnableMonitorProfile[]; extern const wchar_t kEnableXSSAuditor[]; +extern const wchar_t kRendererCrashDump[]; + extern const wchar_t kEnableTabtastic2[]; } // namespace switches -- cgit v1.1