Google Git
Sign in
chromium / chromium / src / sandbox / 41c70042b9058689c19e886fd6dbf5ff8dc2730e
commit41c70042b9058689c19e886fd6dbf5ff8dc2730e[log] [tgz]
authorWill Harris <wfh@chromium.org>Mon Dec 08 18:16:07 2025
committerCopybara-Service <copybara-worker@google.com>Mon Dec 08 18:22:33 2025
treeb9383ce6a3c88ea528e362bfe9135a7dd1413f9b
parentb5aec200a05abd7acd5e91b8b2b029b6c66b7d0f [diff]
Revert "Enable network sandbox by default on Windows"

This reverts commit c6bd7f09744da20cbba08c7ffe86537885f4353d.

Reason for revert: crbug.com/466139402

Original change's description:
> Enable network sandbox by default on Windows
>
> This is in preparation for the full launch.
>
> BUG=40091331
>
> Change-Id: I6ca7bb2c8e2367ce2e2323c6a7e21676174cc3f9
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7204292
> Reviewed-by: Alex Gough <ajgo@chromium.org>
> Commit-Queue: Will Harris <wfh@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#1550154}

Bug: 40091331, 466139402
Change-Id: I8bfdf89bdea042acfd7363153a210494e5caaaf4
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7238493
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Reviewed-by: Alex Gough <ajgo@chromium.org>
Commit-Queue: Will Harris <wfh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1555563}
NOKEYCHECK=True
GitOrigin-RevId: e1e1886942e5e819fc91e6c6f7b38c5c14c5530a
1 file changed
tree: b9383ce6a3c88ea528e362bfe9135a7dd1413f9b
  1. linux/
  2. mac/
  3. policy/
  4. win/
  5. BUILD.gn
  6. COMMON_METADATA
  7. constants.h
  8. DEPS
  9. DIR_METADATA
  10. features.cc
  11. features.gni
  12. features.h
  13. OWNERS
  14. README.md
  15. sandbox_export.h
README.md

Sandbox Library

This directory contains platform-specific sandboxing libraries. Sandboxing is a technique that can improve the security of an application by separating untrustworthy code (or code that handles untrustworthy data) and restricting its privileges and capabilities.

Each platform relies on the operating system's process primitive to isolate code into distinct security principals, and platform-specific technologies are used to implement the privilege reduction. At a high-level:

  • mac/ uses the Seatbelt sandbox. See the detailed design for more.
  • linux/ uses namespaces and Seccomp-BPF. See the detailed design for more.
  • win/ uses a combination of restricted tokens, distinct job objects, alternate desktops, and integrity levels. See the detailed design for more.

Built on top of the low-level sandboxing library is the //sandbox/policy component, which provides concrete policies and helper utilities for sandboxing specific Chromium processes and services. The core sandbox library cannot depend on the policy component.