Reland "Move media foundation cdm store to user profile folder"

This change now skips the tests if not on Windows 10 because
the implementation depends on Sid::FromNamedCapabilityVector,
which isn't available on older OS versions. The Media Foundation
CDM is also not supported on previous versions of Windows.

This is a reland of 68b4aa997761749ba4a695fc436b446320d53fd8

Original change's description:
> Move media foundation cdm store to user profile folder
>
> This change adds support for clearing the CDM store folder used by
> the MediaFoundationCDM. It also changes the folder used by the CDM
> by moving it under the chrome profile directory.
>
> To allow the CDM process to write into this new folder we added
> a new capability to the MediaFoundationService process.
>
> Tested by watching protected content, observing that the CDM
> could write its files into the user profile and then clearing the
> browser data and verifying that the files were correctly deleted.
>
> Bug: 1115690
> Change-Id: I047f04267ec219482d6564c77f621f9f97a549d9
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3125894
> Reviewed-by: Will Harris <wfh@chromium.org>
> Reviewed-by: Xiaohan Wang <xhwang@chromium.org>
> Reviewed-by: Joshua Bell <jsbell@chromium.org>
> Commit-Queue: Alex St-Onge <alstonge@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#918231}

Bug: 1115690
Change-Id: Ie3d069c720024d043e88849ca67b6078c5057d4c
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3145439
Reviewed-by: Will Harris <wfh@chromium.org>
Reviewed-by: Scott Violet <sky@chromium.org>
Reviewed-by: Joshua Bell <jsbell@chromium.org>
Reviewed-by: Xiaohan Wang <xhwang@chromium.org>
Commit-Queue: Alex St-Onge <alstonge@chromium.org>
Cr-Commit-Position: refs/heads/main@{#921039}
NOKEYCHECK=True
GitOrigin-RevId: 444bf77aed0849fe49fee1d205d4915597ec7e47
4 files changed
tree: 0bcea400f7fd6426c7df25b0eb265556c3b84fef
README.md

Sandbox Library

This directory contains platform-specific sandboxing libraries. Sandboxing is a technique that can improve the security of an application by separating untrustworthy code (or code that handles untrustworthy data) and restricting its privileges and capabilities.

Each platform relies on the operating system's process primitive to isolate code into distinct security principals, and platform-specific technologies are used to implement the privilege reduction. At a high level:

  • mac/ uses the Seatbelt sandbox. See the detailed design for more.
  • linux/ uses namespaces and Seccomp-BPF. See the detailed design for more.
  • win/ uses a combination of restricted tokens, distinct job objects, alternate desktops, and integrity levels. See the detailed design for more.

Built on top of the low-level sandboxing library is the //sandbox/policy component, which provides concrete policies and helper utilities for sandboxing specific Chromium processes and services. The core sandbox library cannot depend on the policy component.