Linux: SUID sandbox support

  * Make processes dumpable when they crash.
  * Find crashing processes by searching for a socket inode, rather
    than relying on SCM_CREDENTIALS. The kernel doesn't translate PIDs
    between PID namespaces with SCM_CREDENTIALS, so we can't use the
    PID there.
  * Use a command line flag to the renderer to enable crash dumping.
    Previously it tried to access the user's home directory for this
  * Search for a sandbox helper binary and, if found, use it.
  * Include the source for a sandbox helper binary. It's currently not
    built by default.

git-svn-id: svn:// 0039d316-1c4b-4281-b951-d872f2087c98
11 files changed