commit | 152516fe83dd01983cfdce06c78b34fc309d1a26 | [log] [tgz] |
---|---|---|
author | David Dorwin <ddorwin@chromium.org> | Sat Nov 06 21:08:58 2021 |
committer | Copybara-Service <copybara-worker@google.com> | Sat Nov 06 21:21:06 2021 |
tree | f8dc8a0a3b03d79f5596d3372ba5af6478c4de94 | |
parent | a421fde50d94e85a027de687dd13cae8f42cb41a [diff] |
[fuchsia] Do not define base::DIR_APP_DATA Besides Fuchsia, this key is only defined on Windows and Apple where it has a specific meaning. base::kPersistedDataDirectoryPath can be used directly when needed. Also remove //base/base_paths_fuchsia.h, which is no longer necessary. Bug: 1263576 Change-Id: I82049ba0ba78885c7d867a417a460922042a05ba Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3252253 Reviewed-by: Greg Thompson <grt@chromium.org> Reviewed-by: Avi Drissman <avi@chromium.org> Reviewed-by: Robert Sesek <rsesek@chromium.org> Reviewed-by: Sean Topping <seantopping@chromium.org> Reviewed-by: Daniel Cheng <dcheng@chromium.org> Auto-Submit: David Dorwin <ddorwin@chromium.org> Commit-Queue: David Dorwin <ddorwin@chromium.org> Cr-Commit-Position: refs/heads/main@{#939123} NOKEYCHECK=True GitOrigin-RevId: 2c7fbbf807d5d1643599310b39bd1cd9b7ee815b
This directory contains platform-specific sandboxing libraries. Sandboxing is a technique that can improve the security of an application by separating untrustworthy code (or code that handles untrustworthy data) and restricting its privileges and capabilities.
Each platform relies on the operating system's process primitive to isolate code into distinct security principals, and platform-specific technologies are used to implement the privilege reduction. At a high-level:
mac/
uses the Seatbelt sandbox. See the detailed design for more.linux/
uses namespaces and Seccomp-BPF. See the detailed design for more.win/
uses a combination of restricted tokens, distinct job objects, alternate desktops, and integrity levels. See the detailed design for more.Built on top of the low-level sandboxing library is the //sandbox/policy
component, which provides concrete policies and helper utilities for sandboxing specific Chromium processes and services. The core sandbox library cannot depend on the policy component.