content/common/sandbox_init_wrapper_mac.cc

   1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "content/common/sandbox_init_wrapper.h"
   6
   7 #include "base/command_line.h"
   8 #include "base/file_path.h"
   9 #include "base/logging.h"
  10 #include "content/common/content_switches.h"
  11 #include "content/common/sandbox_mac.h"
  12
  13 bool SandboxInitWrapper::InitializeSandbox(const CommandLine& command_line,
  14                                            const std::string& process_type) {
  15   using sandbox::Sandbox;
  16
  17   if (command_line.HasSwitch(switches::kNoSandbox))
  18     return true;
  19
  20   Sandbox::SandboxProcessType sandbox_process_type;
  21   FilePath allowed_dir;  // Empty by default.
  22
  23   if (process_type.empty()) {
  24     // Browser process isn't sandboxed.
  25     return true;
  26   } else if (process_type == switches::kRendererProcess) {
  27     if (!command_line.HasSwitch(switches::kDisable3DAPIs) &&
  28         !command_line.HasSwitch(switches::kDisableExperimentalWebGL) &&
  29         command_line.HasSwitch(switches::kInProcessWebGL)) {
  30       // TODO(kbr): this check seems to be necessary only on this
  31       // platform because the sandbox is initialized later. Remove
  32       // this once this flag is removed.
  33       return true;
  34     } else {
  35       sandbox_process_type = Sandbox::SANDBOX_TYPE_RENDERER;
  36     }
  37   } else if (process_type == switches::kExtensionProcess) {
  38     // Extension processes are just renderers [they use RenderMain()] with a
  39     // different set of command line flags.
  40     // If we ever get here it means something has changed in regards
  41     // to the extension process mechanics and we should probably reexamine
  42     // how we sandbox extension processes since they are no longer identical
  43     // to renderers.
  44     NOTREACHED();
  45     return true;
  46   } else if (process_type == switches::kUtilityProcess) {
  47     // Utility process sandbox.
  48     sandbox_process_type = Sandbox::SANDBOX_TYPE_UTILITY;
  49     allowed_dir =
  50         command_line.GetSwitchValuePath(switches::kUtilityProcessAllowedDir);
  51   } else if (process_type == switches::kWorkerProcess) {
  52     // Worker process sandbox.
  53     sandbox_process_type = Sandbox::SANDBOX_TYPE_WORKER;
  54   } else if (process_type == switches::kNaClLoaderProcess) {
  55     // Native Client sel_ldr (user untrusted code) sandbox.
  56     sandbox_process_type = Sandbox::SANDBOX_TYPE_NACL_LOADER;
  57   } else if (process_type == switches::kGpuProcess) {
  58     sandbox_process_type = Sandbox::SANDBOX_TYPE_GPU;
  59   } else if ((process_type == switches::kPluginProcess) ||
  60              (process_type == switches::kProfileImportProcess) ||
  61              (process_type == switches::kServiceProcess)) {
  62     return true;
  63   } else if (process_type == switches::kPpapiPluginProcess) {
  64     sandbox_process_type = Sandbox::SANDBOX_TYPE_PPAPI;
  65   } else {
  66     // Failsafe: If you hit an unreached here, is your new process type in need
  67     // of sandboxing?
  68     NOTREACHED() << "Unknown process type " << process_type;
  69     return true;
  70   }
  71
  72   // Warm up APIs before turning on the sandbox.
  73   Sandbox::SandboxWarmup(sandbox_process_type);
  74
  75   // Actually sandbox the process.
  76   return Sandbox::EnableSandbox(sandbox_process_type, allowed_dir);
  77 }