Google Git
Sign in
chromium / chromium / src / sandbox / 22ba072c5a503e9f0904ab258514ad23c9f71fda
commit22ba072c5a503e9f0904ab258514ad23c9f71fda[log] [tgz]
authorAlex Gough <ajgo@chromium.org>Thu Aug 19 05:26:31 2021
committerCopybara-Service <copybara-worker@google.com>Thu Aug 19 05:41:07 2021
tree13beb1b06c0d32d4e56f1a4f5cfb6610865fdb1f
parent9901b95154b6aad800a37e6bcc1c8316934c9d4d [diff]
Specify speech recognition sandbox in mojom

This moves to using the ServiceSandbox mojom attribute to select
the sandbox, and removes reference from service_sandbox_type.h.
chrome_speech_recognition_service.cc required includes to be updated.

No functional changes, see linked bug for details.

Bug: 1210301
Change-Id: Ie13047818ae3e221e996fb94565340949cd4c69e
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3095051
Commit-Queue: Alex Gough <ajgo@chromium.org>
Reviewed-by: Chris Palmer <palmer@chromium.org>
Reviewed-by: Evan Liu <evliu@google.com>
Cr-Commit-Position: refs/heads/main@{#913283}
NOKEYCHECK=True
GitOrigin-RevId: 9e8487c626919ccbb3c361fe9a643eda6870d11e
2 files changed
tree: 13beb1b06c0d32d4e56f1a4f5cfb6610865fdb1f
  1. linux/
  2. mac/
  3. policy/
  4. win/
  5. BUILD.gn
  6. constants.h
  7. DEPS
  8. DIR_METADATA
  9. features.gni
  10. ipc.dict
  11. OWNERS
  12. README.md
  13. sandbox_export.h
README.md

Sandbox Library

This directory contains platform-specific sandboxing libraries. Sandboxing is a technique that can improve the security of an application by separating untrustworthy code (or code that handles untrustworthy data) and restricting its privileges and capabilities.

Each platform relies on the operating system's process primitive to isolate code into distinct security principals, and platform-specific technologies are used to implement the privilege reduction. At a high-level:

  • mac/ uses the Seatbelt sandbox. See the detailed design for more.
  • linux/ uses namespaces and Seccomp-BPF. See the detailed design for more.
  • win/ uses a combination of restricted tokens, distinct job objects, alternate desktops, and integrity levels. See the detailed design for more.

Built on top of the low-level sandboxing library is the //sandbox/policy component, which provides concrete policies and helper utilities for sandboxing specific Chromium processes and services. The core sandbox library cannot depend on the policy component.