Google Git
Sign in
chromium / chromium / src / d267fd9917cb1c7494a8067ea3c6f1831bb37e78
commitd267fd9917cb1c7494a8067ea3c6f1831bb37e78[log] [tgz]
authorMatthew Denton <mpdenton@chromium.org>Wed Aug 08 19:21:00 2018
committerCommit Bot <commit-bot@chromium.org>Wed Aug 08 19:21:00 2018
tree104ca5ecef4be253f56848535177f50e81b618e9
parent24e5fbf1e9ca43c81405e257c1c13d74c0c233f7 [diff]
Modified chrome://sandbox to more accurately describe sandboxing

Originally the chrome://sandbox page displayed "SUID Sandbox" as red
when the SUID sandbox was off, even if the namespace sandbox was on. To
avoid indicating that anything is wrong, this combines "SUID Sandbox"
and "Namespace Sandbox" into one row that displays green for namespace,
yellow for SUID, and red for neither.

Also, when the Chrome renderers are sandboxed with user namespaces,
any process in the parent namespace with the same UID is able to
ptrace the renderer. However, the chrome://sandbox page displays Yama
LSM as enforcing. This makes it clear that Yama LSM is not protecting
the renderer processes from ptrace by adding "Ptrace Protection with
Yama LSM (Non-broker)" to the webpage.

start chrome with all three sandboxing possibilities, run
./browser_tests --gtest_filter="Sandbox*"

Bug: 870527, 870534
Test: start chrome with Yama disabled, enabled, and with SetUID sandbox,
Change-Id: I2e4735363a4dceee4947757a74451e3e102c4250
Reviewed-on: https://chromium-review.googlesource.com/1162764
Commit-Queue: Matthew Denton <mpdenton@chromium.org>
Reviewed-by: Michael Giuffrida <michaelpg@chromium.org>
Reviewed-by: Chris Palmer <palmer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#581656}
4 files changed
tree: 104ca5ecef4be253f56848535177f50e81b618e9
  1. android_webview/
  2. apps/
  3. ash/
  4. base/
  5. blink/
  6. build/
  7. build_overrides/
  8. cc/
  9. chrome/
  10. chrome_elf/
  11. chromecast/
  12. chromeos/
  13. cloud_print/
  14. components/
  15. content/
  16. courgette/
  17. crypto/
  18. dbus/
  19. device/
  20. docs/
  21. extensions/
  22. gin/
  23. google_apis/
  24. google_update/
  25. gpu/
  26. headless/
  27. infra/
  28. ios/
  29. ipc/
  30. jingle/
  31. mash/
  32. media/
  33. mojo/
  34. native_client_sdk/
  35. net/
  36. pdf/
  37. ppapi/
  38. printing/
  39. remoting/
  40. rlz/
  41. sandbox/
  42. services/
  43. skia/
  44. sql/
  45. storage/
  46. styleguide/
  47. testing/
  48. third_party/
  49. tools/
  50. ui/
  51. url/
  52. webrunner/
  53. .clang-format
  54. .eslintrc.js
  55. .git-blame-ignore-revs
  56. .gitattributes
  57. .gitignore
  58. .gn
  59. .vpython
  60. AUTHORS
  61. BUILD.gn
  62. CODE_OF_CONDUCT.md
  63. codereview.settings
  64. DEPS
  65. ENG_REVIEW_OWNERS
  66. LICENSE
  67. LICENSE.chromium_os
  68. OWNERS
  69. PRESUBMIT.py
  70. PRESUBMIT_test.py
  71. PRESUBMIT_test_mocks.py
  72. README.md
  73. WATCHLISTS
README.md

Logo Chromium

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.

The project's web site is https://www.chromium.org.

Documentation in the source is rooted in docs/README.md.

Learn how to Get Around the Chromium Source Code Directory Structure .