
This reverts commit 5a7afce638.
Reason for revert: pinpoint fails to start a browser for some
benchmarking runs - it is not yet clear what is not working but applying
the revert allows pinpoint to build and run benchmarks again. See
https://pinpoint-dot-chromeperf.appspot.com/job/1720deaf210000.
> Reduce scope of unsafe-buffers in signed_interception.cc
> Moves a fake-memset from a header into a call to ntdll!memset,
> which must be added so that it is available. ntdll!memset is
> marked as an unsafe-buffers operation. We cannot directly use a
> span copy as that might use memset from the CRT which may not be
> initialized when this dll-loading hook might be called.
> Bug: 351564777
> Change-Id: I6b957e59d09d4585875ef5176fe0ede167146435
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6151234
> Commit-Queue: Alex Gough <ajgo@chromium.org>
> Reviewed-by: Will Harris <wfh@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#1404411}
Bug: 351564777
Change-Id: I10d555df0b8120a5a8a52bb78875ec1d924adf79
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6175544
Reviewed-by: Arthur Wang <wuwang@chromium.org>
Commit-Queue: Alex Gough <ajgo@chromium.org>
Reviewed-by: Will Harris <wfh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1406485}
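As an added illustration of the constraint the reverted change describes (an interception hook that must not call the CRT's memset because the CRT may not be initialized yet), the C snippet below is not Chromium code: on Windows it zero-fills through ntdll!memset, resolved here with GetProcAddress purely for illustration (the page does not say how the sandbox resolves that import), and elsewhere through a volatile byte loop that the optimizer is not permitted to rewrite into a library memset call. The function names are hypothetical.

```c
// Zero-fill without ever calling the CRT's memset. Hypothetical helper, not
// Chromium's implementation.
#include <stddef.h>
#include <stdint.h>
#ifdef _WIN32
#include <windows.h>
#endif

typedef void *(*fill_fn)(void *dst, int value, size_t len);

/* Portable fallback: volatile stores keep the compiler from collapsing the
 * loop into a call to the (possibly uninitialized) CRT memset. */
static void *volatile_fill(void *dst, int value, size_t len) {
  volatile uint8_t *p = (volatile uint8_t *)dst;
  for (size_t i = 0; i < len; i++) p[i] = (uint8_t)value;
  return dst;
}

/* Prefer ntdll!memset (ntdll is mapped in every Windows process); the
 * GetProcAddress lookup is an illustrative assumption, not the sandbox's
 * own resolver. Never return the CRT's memset. */
static fill_fn resolve_fill_fn(void) {
#ifdef _WIN32
  HMODULE ntdll = GetModuleHandleW(L"ntdll.dll");
  if (ntdll) {
    FARPROC f = GetProcAddress(ntdll, "memset");
    if (f) return (fill_fn)f;
  }
#endif
  return volatile_fill;
}

/* Zero len bytes at dst; the fill routine is resolved once and cached. */
void crt_free_zero(void *dst, size_t len) {
  static fill_fn fn;
  if (!fn) fn = resolve_fill_fn();
  fn(dst, 0, len);
}

/* Self-check on a constructed buffer: zero the first half only and return 1
 * if the first half is all zero and the second half is untouched. */
int demo_partial_zero_ok(void) {
  uint8_t buf[32];
  for (size_t i = 0; i < sizeof buf; i++) buf[i] = 0xAA; /* constructed */
  crt_free_zero(buf, sizeof buf / 2);
  for (size_t i = 0; i < sizeof buf / 2; i++) if (buf[i] != 0) return 0;
  for (size_t i = sizeof buf / 2; i < sizeof buf; i++) if (buf[i] != 0xAA) return 0;
  return 1;
}
```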
Sandbox Library
This directory contains platform-specific sandboxing libraries. Sandboxing is a technique that can improve the security of an application by separating untrustworthy code (or code that handles untrustworthy data) and restricting its privileges and capabilities.
Each platform relies on the operating system's process primitive to isolate code into distinct security principals, and platform-specific technologies are used to implement the privilege reduction. At a high level:
- mac/ uses the Seatbelt sandbox. See the detailed design for more.
- linux/ uses namespaces and Seccomp-BPF. See the detailed design for more.
- win/ uses a combination of restricted tokens, distinct job objects, alternate desktops, and integrity levels. See the detailed design for more.
Built on top of the low-level sandboxing library is the //sandbox/policy component, which provides concrete policies and helper utilities for sandboxing specific Chromium processes and services. The core sandbox library cannot depend on the policy component.