chromium/src
0
Fork 0
Code Activity
Files
4be7a00adf3daa3a91ac3453e69a08d603672c78
src/sandbox
History
Alex Gough 8fa51b7f8d Reland "Use smaller allocations in QueryObjectInformation" 
This is a reland of commit a09022d0bf

Previous CL (a) moved some pointers when it shouldn't and (b) treated
any failure as a size-problem. This updated CL now checks for size
related status codes, and ensures that pointers that should point
within the returned buffers still do.

Original change's description:
> Use smaller allocations in QueryObjectInformation
>
> Refactors QueryObjectInformation to always return strings (we only
> use it for stringy attributes) and to start with a small allocation
> then try a larger one if that initially fails.
>
> Bug: 1393296
> Change-Id: I61a542b69d32b4eb753355e97d7b2362722e6619
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4063173
> Commit-Queue: Alex Gough <ajgo@chromium.org>
> Reviewed-by: James Forshaw <forshaw@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#1077194}

Bug: 1393296
Change-Id: I1e2a75ccbe513b302c8af38169ed713285b50a8e
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4066666
Commit-Queue: Alex Gough <ajgo@chromium.org>
Reviewed-by: James Forshaw <forshaw@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1080147}
2022-12-07 03:01:42 +00:00
..
linux
Return owning reference from SetuidSandbox{Client,Host}::Create()
2022-11-30 21:07:26 +00:00
mac
Remove deprecated sandbox::SandboxCompiler constructor
2022-12-06 21:36:09 +00:00
policy
mac: Add the CacheMacSandboxProfiles feature and sandbox policy cache
2022-12-06 16:46:19 +00:00
win
Reland "Use smaller allocations in QueryObjectInformation"
2022-12-07 03:01:42 +00:00
BUILD.gn
Update copyright headers in skia/, services, sandbox/
2022-09-15 20:03:19 +00:00
COMMON_METADATA
constants.h
Update copyright headers in skia/, services, sandbox/
2022-09-15 20:03:19 +00:00
DEPS
DIR_METADATA
features.cc
[Windows] Remove remaining sandbox Windows version checks.
2022-11-18 18:00:20 +00:00
features.gni
Update copyright headers in skia/, services, sandbox/
2022-09-15 20:03:19 +00:00
features.h
[Windows] Remove remaining sandbox Windows version checks.
2022-11-18 18:00:20 +00:00
ipc.dict
Update copyright headers in skia/, services, sandbox/
2022-09-15 20:03:19 +00:00
OWNERS
README.md
sandbox_export.h
Update copyright headers in skia/, services, sandbox/
2022-09-15 20:03:19 +00:00

README.md

Sandbox Library

This directory contains platform-specific sandboxing libraries. Sandboxing is a technique that can improve the security of an application by separating untrustworthy code (or code that handles untrustworthy data) and restricting its privileges and capabilities.

Each platform relies on the operating system's process primitive to isolate code into distinct security principals, and platform-specific technologies are used to implement the privilege reduction. At a high-level:

  • mac/ uses the Seatbelt sandbox. See the detailed design for more.
  • linux/ uses namespaces and Seccomp-BPF. See the detailed design for more.
  • win/ uses a combination of restricted tokens, distinct job objects, alternate desktops, and integrity levels. See the detailed design for more.

Built on top of the low-level sandboxing library is the //sandbox/policy component, which provides concrete policies and helper utilities for sandboxing specific Chromium processes and services. The core sandbox library cannot depend on the policy component.