chromium/sandbox/policy/linux/sandbox_linux.h

// Copyright 2012 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef SANDBOX_POLICY_LINUX_SANDBOX_LINUX_H_
#define SANDBOX_POLICY_LINUX_SANDBOX_LINUX_H_

#include <memory>
#include <string>
#include <vector>

#include "base/check_op.h"
#include "base/memory/raw_ptr.h"
#include "base/posix/global_descriptors.h"
#include "base/sanitizer_buildflags.h"
#include "sandbox/linux/syscall_broker/broker_command.h"
#include "sandbox/linux/syscall_broker/broker_file_permission.h"
#include "sandbox/policy/export.h"
#include "sandbox/policy/linux/sandbox_seccomp_bpf_linux.h"

#if BUILDFLAG(USING_SANITIZER)
#include <sanitizer/common_interface_defs.h>
#endif

// Forward declarations of the base types this header names; their full
// definitions are not pulled in here.
namespace base {
class Thread;
template <typename T>
struct DefaultSingletonTraits;
}  // namespace base

// Forward declarations of the sandbox types this header names. Only the names
// are introduced here; the definitions live elsewhere.
namespace sandbox {
class SetuidSandboxClient;
namespace syscall_broker {
class BrokerProcess;
}  // namespace syscall_broker
namespace mojom {
// Opaque declaration of the scoped enum; its enumerators are defined elsewhere.
enum class Sandbox;
}  // namespace mojom
}  // namespace sandbox

namespace sandbox {
namespace policy {

// SandboxLinux is described as a singleton that represents and changes the
// process's sandboxing state across the three main Linux sandboxes (per the
// text below: the unprivileged-namespace sandbox, the legacy setuid sandbox
// and seccomp-bpf).
//
// The sandboxing model allows using two layers of sandboxing:
//  1. The first layer can be implemented either with unprivileged namespaces
//     or with the setuid sandbox. This class provides a way to engage the
//     namespace sandbox, but does not deal with the legacy setuid sandbox
//     directly.
//  2. The second layer is mainly based on seccomp-bpf and is engaged with
//     InitializeSandbox().
//
// InitializeSandbox() is also responsible for "sealing" the first layer of
// sandboxing. Security note: engaging the first layer alone is therefore not
// sufficient. InitializeSandbox() must always be called to have any
// meaningful sandboxing at all, so a process that has not yet called it
// should be treated as unsandboxed.
//
// NOTE(review): the class body is empty in this listing, so
// InitializeSandbox() and the singleton machinery this comment refers to are
// not visible here; confirm against the full header.
class SANDBOX_POLICY_EXPORT SandboxLinux {};

}  // namespace policy
}  // namespace sandbox

#endif  // SANDBOX_POLICY_LINUX_SANDBOX_LINUX_H_