Google Git
Sign in
chromium / chromium / src / sandbox / 2c1640200247e444677ab5dd261a15543bcfbe66
commit2c1640200247e444677ab5dd261a15543bcfbe66[log] [tgz]
authorXiaohan Wang <xhwang@chromium.org>Tue Jul 20 22:12:57 2021
committerCopybara-Service <copybara-worker@google.com>Tue Jul 20 22:25:19 2021
tree5d96ac1bfb511f3a76599202b82505d364ae819d
parent5c3fd712a8e8224e2a08834dd1e30935b2a557d3 [diff]
media: Set ACL when installing Media Foundation Widevine CDM

When installing component updated Media Foundation Widevine CDM, we need
to explicitly set the ACL so it can be loaded into the LPAC process.

Bug: b/194139422
Fixed: b/194139422
Test: Playback works in local build without --no-sandbox
Change-Id: I3422aa5f86404c7f035480747483e233acc7c8e1
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3042338
Reviewed-by: James Forshaw <forshaw@chromium.org>
Reviewed-by: Joshua Pawlicki <waffles@chromium.org>
Commit-Queue: Xiaohan Wang <xhwang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#903666}
NOKEYCHECK=True
GitOrigin-RevId: 5b980c42bcbf55a9c7d0080edbcf9c08c1031816
1 file changed
tree: 5d96ac1bfb511f3a76599202b82505d364ae819d
  1. linux/
  2. mac/
  3. policy/
  4. win/
  5. BUILD.gn
  6. constants.h
  7. DEPS
  8. DIR_METADATA
  9. features.gni
  10. ipc.dict
  11. OWNERS
  12. README.md
  13. sandbox_export.h
README.md

Sandbox Library

This directory contains platform-specific sandboxing libraries. Sandboxing is a technique that can improve the security of an application by separating untrustworthy code (or code that handles untrustworthy data) and restricting its privileges and capabilities.

Each platform relies on the operating system's process primitive to isolate code into distinct security principals, and platform-specific technologies are used to implement the privilege reduction. At a high-level:

  • mac/ uses the Seatbelt sandbox. See the detailed design for more.
  • linux/ uses namespaces and Seccomp-BPF. See the detailed design for more.
  • win/ uses a combination of restricted tokens, distinct job objects, alternate desktops, and integrity levels. See the detailed design for more.

Built on top of the low-level sandboxing library is the //sandbox/policy component, which provides concrete policies and helper utilities for sandboxing specific Chromium processes and services. The core sandbox library cannot depend on the policy component.