Google Git
Sign in
chromium / chromium / src / sandbox / 49da9fa5504deac891e475e6aa8975e8710d3729
commit49da9fa5504deac891e475e6aa8975e8710d3729[log] [tgz]
authorPeter Boström <pbos@chromium.org>Tue Sep 28 00:28:00 2021
committerCopybara-Service <copybara-worker@google.com>Tue Sep 28 00:41:05 2021
tree6cbd6d28ee4969690976c75901946d21a1aef7c0
parent48f055e573a404aa8094ff5bf7ea1ab125cd1d41 [diff]
Script remove more DISALLOW_COPY_AND_ASSIGNs

This applies a script previously used for large directories on all
remaining (smaller) directories as a single chunk.

This replaces DISALLOW_COPY_AND_ASSIGN with explicit constructor deletes
where a local script is able to detect its insertion place (~Foo() is
public => insert before this line).

This is incomplete as not all classes have a public ~Foo() declared, so
not all DISALLOW_COPY_AND_ASSIGN occurrences are replaced.

IWYU cleanup is left as a separate pass that is easier when these macros
go away.

Bug: 1010217
Change-Id: I572936462f763e1dd15dd88cdcf451ee14b34dd1
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3182480
Reviewed-by: Lei Zhang <thestig@chromium.org>
Owners-Override: Lei Zhang <thestig@chromium.org>
Commit-Queue: Peter Boström <pbos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#925533}
NOKEYCHECK=True
GitOrigin-RevId: c68c5aad6c5f2cbbda3efc5a1e6dd647bbc55108
72 files changed
tree: 6cbd6d28ee4969690976c75901946d21a1aef7c0
  1. linux/
  2. mac/
  3. policy/
  4. win/
  5. BUILD.gn
  6. constants.h
  7. DEPS
  8. DIR_METADATA
  9. features.gni
  10. ipc.dict
  11. OWNERS
  12. README.md
  13. sandbox_export.h
README.md

Sandbox Library

This directory contains platform-specific sandboxing libraries. Sandboxing is a technique that can improve the security of an application by separating untrustworthy code (or code that handles untrustworthy data) and restricting its privileges and capabilities.

Each platform relies on the operating system's process primitive to isolate code into distinct security principals, and platform-specific technologies are used to implement the privilege reduction. At a high-level:

  • mac/ uses the Seatbelt sandbox. See the detailed design for more.
  • linux/ uses namespaces and Seccomp-BPF. See the detailed design for more.
  • win/ uses a combination of restricted tokens, distinct job objects, alternate desktops, and integrity levels. See the detailed design for more.

Built on top of the low-level sandboxing library is the //sandbox/policy component, which provides concrete policies and helper utilities for sandboxing specific Chromium processes and services. The core sandbox library cannot depend on the policy component.