Google Git
Sign in
chromium / chromium / src / sandbox / bfe3c2a79b622c5a55b5f62c77b7c08018476f82
commitbfe3c2a79b622c5a55b5f62c77b7c08018476f82[log] [tgz]
authorStephen Nusko <nuskos@chromium.org>Thu May 01 21:05:37 2025
committerCopybara-Service <copybara-worker@google.com>Thu May 01 21:11:46 2025
treeebb612b054b82746b3bf9ad3c4d10d301f60e252
parentec879da824116070f65a7a4c67ce407cc77829f2 [diff]
spanification: remove `#pragma allow_unsafe_buffers` where unneeded

This is a clean up of any files that now compile without the pragma.
This CL has no behavior changes.

The original patch was fully automated using script:
//tools/clang/spanify/remove-unneeded-pragmas.py

and then split with
`git cl split --target-range 8 32 --max-depth=2 --expect-owners-override --no-reviewers -d ~/description.txt`

This covers directories:
['content', 'chrome', 'sandbox', 'skia', 'dbus', 'remoting', 'testing']

This is part of auto spanification see internal doc about it:
https://docs.google.com/document/d/1erdcokeh6rfBqs_h0drHqSLtbDbB61j7j3O2Pz8NH78/edit?resourcekey=0-hNe6w1hYAYyVXGEpWI7HVA&tab=t.0

This CL was uploaded by an experimental version of git cl split
(https://crbug.com/389069356).

Bug: 414858406
Change-Id: I2fc638ec819fde0d50fdfb16a8267dc6b2115025
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6504299
Reviewed-by: Alex Gough <ajgo@chromium.org>
Auto-Submit: Stephen Nusko <nuskos@chromium.org>
Commit-Queue: Alex Gough <ajgo@chromium.org>
Reviewed-by: Yuki Shiino <yukishiino@chromium.org>
Reviewed-by: Joe Downing <joedow@chromium.org>
Owners-Override: Alex Gough <ajgo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1454668}
NOKEYCHECK=True
GitOrigin-RevId: 00d4083c4d60c705517dd37523e95c0a08d4a191
3 files changed
tree: ebb612b054b82746b3bf9ad3c4d10d301f60e252
  1. linux/
  2. mac/
  3. policy/
  4. win/
  5. BUILD.gn
  6. COMMON_METADATA
  7. constants.h
  8. DEPS
  9. DIR_METADATA
  10. features.cc
  11. features.gni
  12. features.h
  13. OWNERS
  14. README.md
  15. sandbox_export.h
README.md

Sandbox Library

This directory contains platform-specific sandboxing libraries. Sandboxing is a technique that can improve the security of an application by separating untrustworthy code (or code that handles untrustworthy data) and restricting its privileges and capabilities.

Each platform relies on the operating system's process primitive to isolate code into distinct security principals, and platform-specific technologies are used to implement the privilege reduction. At a high-level:

  • mac/ uses the Seatbelt sandbox. See the detailed design for more.
  • linux/ uses namespaces and Seccomp-BPF. See the detailed design for more.
  • win/ uses a combination of restricted tokens, distinct job objects, alternate desktops, and integrity levels. See the detailed design for more.

Built on top of the low-level sandboxing library is the //sandbox/policy component, which provides concrete policies and helper utilities for sandboxing specific Chromium processes and services. The core sandbox library cannot depend on the policy component.