Lines Matching full:sandbox
15 namespace sandbox { class SetuidSandboxClient; }
23 // This is a list of sandbox IPC methods which the renderer may send to the
24 // sandbox host. See http://code.google.com/p/chromium/wiki/LinuxSandboxIPC
40 // are enabled. If using the setuid sandbox, this should be called manually
41 // before the setuid sandbox is engaged.
44 // Initialize the sandbox with the given pre-built configuration. Currently
45 // seccomp-bpf and address space limitations (the setuid sandbox works
50 // Returns the Status of the renderers' sandbox. Can only be queried after
63 // Simple accessor for our instance of the setuid sandbox. Will never return
67 sandbox::SetuidSandboxClient* setuid_sandbox_client() const;
69 // Check the policy and eventually start the seccomp-bpf sandbox. This should
84 // in the sandbox is closed. For now, this consists of closing proc_fd_.
88 // allow for sandbox bypasses. It needs to be closed before we consider
95 scoped_ptr<sandbox::SetuidSandboxClient> setuid_sandbox_client_;
