Google Git
Sign in
chromium / chromium / src / sandbox / a659aefb273c54f959eb83bd470eb30ee5314a2f
commita659aefb273c54f959eb83bd470eb30ee5314a2f[log] [tgz]
authorVictor Hugo Vianna Silva <victorvianna@google.com>Tue Dec 09 02:28:46 2025
committerCopybara-Service <copybara-worker@google.com>Tue Dec 09 02:34:27 2025
tree759e4c54a5c56af2d43efd4f7c3a7243ca466687
parent41c70042b9058689c19e886fd6dbf5ff8dc2730e [diff]
Fix more IWYU issues

These issues came up while trying to replace base/types/expected.h with
<expected>. We might not adopt std::expected<> in the end, but this
is still worth landing.

Headers added with `git grep` + `tools/add_header.py`
- base/strings/strcat.h
- base/strings/to_string.h
- base/strings/string_view_util.h

Headers added manually in a few instances.
- build/build_config.h
- base/check.h
- base/notreached.h
- base/time/time.h
- base/functional/callback_helpers.h

Change-Id: I490cd1630d813dd6f07e57fe31f7677076597884
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7228863
Reviewed-by: Lei Zhang <thestig@chromium.org>
Commit-Queue: Victor Vianna <victorvianna@google.com>
Auto-Submit: Victor Vianna <victorvianna@google.com>
Owners-Override: Lei Zhang <thestig@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1555861}
NOKEYCHECK=True
GitOrigin-RevId: e8b169d1e8ed51cc6e49a169f10c4876e5a9e30f
1 file changed
tree: 759e4c54a5c56af2d43efd4f7c3a7243ca466687
  1. linux/
  2. mac/
  3. policy/
  4. win/
  5. BUILD.gn
  6. COMMON_METADATA
  7. constants.h
  8. DEPS
  9. DIR_METADATA
  10. features.cc
  11. features.gni
  12. features.h
  13. OWNERS
  14. README.md
  15. sandbox_export.h
README.md

Sandbox Library

This directory contains platform-specific sandboxing libraries. Sandboxing is a technique that can improve the security of an application by separating untrustworthy code (or code that handles untrustworthy data) and restricting its privileges and capabilities.

Each platform relies on the operating system's process primitive to isolate code into distinct security principals, and platform-specific technologies are used to implement the privilege reduction. At a high-level:

  • mac/ uses the Seatbelt sandbox. See the detailed design for more.
  • linux/ uses namespaces and Seccomp-BPF. See the detailed design for more.
  • win/ uses a combination of restricted tokens, distinct job objects, alternate desktops, and integrity levels. See the detailed design for more.

Built on top of the low-level sandboxing library is the //sandbox/policy component, which provides concrete policies and helper utilities for sandboxing specific Chromium processes and services. The core sandbox library cannot depend on the policy component.