// Copyright 2015 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifndef SANDBOX_LINUX_SUID_CLIENT_SETUID_SANDBOX_HOST_H_ #define SANDBOX_LINUX_SUID_CLIENT_SETUID_SANDBOX_HOST_H_ #include <memory> #include "base/files/file_path.h" #include "base/files/scoped_file.h" #include "base/process/launch.h" #include "sandbox/sandbox_export.h" namespace sandbox { // Helper class to use the setuid sandbox. This class is to be used // before launching the setuid helper. // This class is difficult to use. It has been created by refactoring very old // code scathered through the Chromium code base. // // A typical use for "A" launching a sandboxed process "B" would be: // 1. A calls SetupLaunchEnvironment() // 2. A sets up a base::CommandLine and then amends it with // PrependWrapper() (or manually, by relying on GetSandboxBinaryPath()). // 3. A uses SetupLaunchOptions() to arrange for a dummy descriptor for the // setuid sandbox ABI. // 4. A launches B with base::LaunchProcess, using the amended // base::CommandLine. // (The remaining steps are described within setuid_sandbox_client.h.) class SANDBOX_EXPORT SetuidSandboxHost { … }; } // namespace sandbox #endif // SANDBOX_LINUX_SUID_CLIENT_SETUID_SANDBOX_HOST_H_
Codebase Browser
chromium