chromium/src
0
Fork 0
Code Activity
Files
5c6fa34bd1ab87d4b89492b43423f2d5cda67d92
src/sandbox
History
Bartek Nowierski 3639bba7b2 Fully transition to bits::AlignUp, obliterate bits::Align 
Change-Id: I15aba9a8e29a8c96725093f9dfe66647767c3958
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2910029
Commit-Queue: Bartek Nowierski <bartekn@chromium.org>
Commit-Queue: Nico Weber <thakis@chromium.org>
Reviewed-by: Primiano Tucci <primiano@chromium.org>
Reviewed-by: Nico Weber <thakis@chromium.org>
Owners-Override: Nico Weber <thakis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#885940}
2021-05-24 14:42:42 +00:00
..
linux
Fully transition to bits::AlignUp, obliterate bits::Align
2021-05-24 14:42:42 +00:00
mac
[COIL] Change chromium code search type links to use main rather than master for sandbox
2021-05-20 21:02:58 +00:00
policy
[COIL] Change chromium code search type links to use main rather than master for sandbox
2021-05-20 21:02:58 +00:00
win
Remove unneeded base/stl_util.h includes in various dirs.
2021-05-21 20:10:54 +00:00
BUILD.gn
constants.h
Adjust Sandbox memory limit
2021-03-31 22:00:52 +00:00
DEPS
DIR_METADATA
[COIL] Change chromium code search type links to use main rather than master for sandbox
2021-05-20 21:02:58 +00:00
features.gni
ipc.dict
OWNERS
Remove jschuh from OWNERS files.
2021-04-06 21:53:09 +00:00
README.md
sandbox_export.h

README.md

Sandbox Library

This directory contains platform-specific sandboxing libraries. Sandboxing is a technique that can improve the security of an application by separating untrustworthy code (or code that handles untrustworthy data) and restricting its privileges and capabilities.

Each platform relies on the operating system's process primitive to isolate code into distinct security principals, and platform-specific technologies are used to implement the privilege reduction. At a high-level:

  • mac/ uses the Seatbelt sandbox. See the detailed design for more.
  • linux/ uses namespaces and Seccomp-BPF. See the detailed design for more.
  • win/ uses a combination of restricted tokens, distinct job objects, alternate desktops, and integrity levels. See the detailed design for more.

Built on top of the low-level sandboxing library is the //sandbox/policy component, which provides concrete policies and helper utilities for sandboxing specific Chromium processes and services. The core sandbox library cannot depend on the policy component.