HomeSort by relevance Sort by last modified time
    Searched full:sandbox (Results 101 - 125 of 990) sorted by null

1 2 3 45 6 7 8 91011>>

  /external/chromium_org/components/nacl/loader/sandbox_linux/
nacl_sandbox_linux.h 12 namespace sandbox { namespace
21 // layer-2 uses seccomp-bpf. It requires the layer-1 sandbox to not yet be
23 // For the layer-1 sandbox to work, the current process must be a child of
24 // the setuid sandbox. InitializeLayerOneSandbox() can only be called once
25 // per instance of the setuid sandbox.
42 // This API will only work if the layer-1 sandbox is not sealed and the
43 // layer-2 sandbox is not engaged.
48 // This API will only work if the layer-1 sandbox is not sealed and the
49 // layer-2 sandbox is not engaged.
51 // Will attempt to initialize the layer-1 sandbox, depending on flags and th
    [all...]
  /external/chromium_org/content/public/common/
sandbox_init.h 18 namespace sandbox { namespace
28 // Initialize the sandbox for renderer, gpu, utility, worker, nacl, and plug-in
32 // Returns true if the sandbox was initialized succesfully, false if an error
36 sandbox::SandboxInterfaceInfo* sandbox_info);
39 // that works inside the sandbox and can send handles but not retrieve
48 // Inform the current process's sandbox broker (e.g. the broker for
49 // 32-bit processes) about a process created under a different sandbox
65 // Initialize the sandbox of the given |sandbox_type|, optionally specifying a
67 // supported by the sandbox profile associated with the given |sandbox_type|.
74 // sandbox::SANDBOX_PROCESS_TYPE_AFTER_LAST_TYPE
    [all...]
sandboxed_process_launcher_delegate.h 21 namespace sandbox { namespace
28 // BrowserChildProcessHost/ChildProcessLauncher to control the sandbox policy,
37 // process (which implies no sandbox).
41 // return false if the process should be launched without a sandbox
45 // Called before the default sandbox is applied. If the default policy is too
48 //directory through the sandbox.
53 virtual void PreSpawnTarget(sandbox::TargetPolicy* policy,
60 // Override this to return true to use the setuid sandbox.
71 // SANDBOX_TYPE_INVALID for no sandbox policy.
  /external/chromium_org/content/common/
sandbox_win.cc 28 #include "sandbox/win/src/process_mitigations.h"
29 #include "sandbox/win/src/sandbox.h"
30 #include "sandbox/win/src/sandbox_nt_util.h"
31 #include "sandbox/win/src/win_utils.h"
34 static sandbox::BrokerServices* g_broker_services = NULL;
35 static sandbox::TargetServices* g_target_services = NULL;
116 sandbox::TargetPolicy::Semantics access,
117 sandbox::TargetPolicy* policy) {
125 sandbox::ResultCode result
    [all...]
sandbox_mac_diraccess_unittest.mm 9 #include <sandbox.h>
29 // Tests need to be in the same namespace as the Sandbox class to be useable
67 EXPECT_TRUE(Sandbox::QuotePlainString(in, &out));
90 EXPECT_FALSE(Sandbox::QuoteStringForRegex(fail_string, &out));
91 EXPECT_TRUE(Sandbox::QuoteStringForRegex(ok_string, &out));
98 EXPECT_TRUE(Sandbox::QuoteStringForRegex("}", &out)); // } == 0x7D == 125
99 EXPECT_FALSE(Sandbox::QuoteStringForRegex("~", &out)); // ~ == 0x7E == 126
101 Sandbox::QuoteStringForRegex(base::WideToUTF8(L"^\u2135.\u2136$"),
109 EXPECT_TRUE(Sandbox::QuoteStringForRegex(in, &out));
128 EXPECT_TRUE(Sandbox::QuoteStringForRegex(in_utf8, &out))
    [all...]
sandbox_mac.h 30 // Class representing a substring of the sandbox profile tagged with its type.
57 class CONTENT_EXPORT Sandbox {
64 // sandbox is turned on. |sandbox_type| is the type of sandbox to warm up.
70 // Turns on the OS X sandbox for this process.
71 // |sandbox_type| - type of Sandbox to use. See SandboxWarmup() for legal
73 // |allowed_dir| - directory to allow access to, currently the only sandbox
76 // Returns true on success, false if an error occurred enabling the sandbox.
80 // Returns true if the sandbox has been enabled for the current process.
86 // Build the Sandbox command necessary to allow access to a named director
    [all...]
sandbox_init_mac.cc 16 // Warm up APIs before turning on the sandbox.
17 Sandbox::SandboxWarmup(sandbox_type);
19 // Actually sandbox the process.
20 return Sandbox::EnableSandbox(sandbox_type, allowed_dir);
25 // sandbox was disabled from the command line.
46 // Utility process sandbox.
51 // Worker process sandbox.
65 // the sandbox profile in ContentClient::GetSandboxProfileForSandboxType.
80 "org.chromium.sandbox.real_bootstrap_server";
sandbox_mac_unittest_helper.h 13 // Helpers for writing unit tests that runs in the context of the Mac sandbox.
17 // its functions to run code before or after the sandbox is initialised in a
28 // .. test code that runs in sandbox goes here ..
43 // a given test in the sandbox.
46 // Runs a test specified by |test_name| in a sandbox of the type specified
48 // to the child process runing in the sandbox, or NULL if additional data is
56 // Runs the test specified by |test_name| in all the different sandbox types
63 // Additional sandbox types defined by the embedder (e.g. the NaCl sandbox)
69 // Class to ease writing test cases that run inside the OS X sandbox
    [all...]
sandbox_mac_unittest_helper.mm 8 #include <sandbox.h>
54 // Go through all the sandbox types, and run the test case in each of them
62 "Failed in sandbox type " << i <<
111 LOG(ERROR) << "Couldn't find sandbox test case(" << name << ")";
118 // Main function for driver process that enables the sandbox and runs test
126 LOG(ERROR) << "Sandbox type not specified";
132 LOG(ERROR) << "Sandbox test name not specified";
142 LOG(ERROR) << "Invalid sandbox test name (" << sandbox_test_name << ")";
150 LOG(ERROR) << sandbox_test_name << "Failed test before sandbox init";
154 Sandbox::SandboxWarmup(sandbox_type)
    [all...]
  /external/chromium_org/content/common/sandbox_linux/
sandbox_seccomp_bpf_linux.cc 20 #include "sandbox/linux/seccomp-bpf/sandbox_bpf_policy.h"
31 #include "sandbox/linux/seccomp-bpf-helpers/baseline_policy.h"
32 #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h"
33 #include "sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h"
34 #include "sandbox/linux/seccomp-bpf-helpers/syscall_sets.h"
35 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h"
36 #include "sandbox/linux/services/linux_syscalls.h"
38 using sandbox::BaselinePolicy;
39 using sandbox::SyscallSets;
56 void StartSandboxWithPolicy(sandbox::SandboxBPFPolicy* policy)
160 SandboxBPF sandbox; local
    [all...]
  /external/chromium_org/sandbox/win/tools/launcher/
launcher.cc 5 #include "sandbox/win/src/restricted_token_utils.h"
27 sandbox::TokenLevel* level) {
29 *level = sandbox::USER_LOCKDOWN;
31 *level = sandbox::USER_RESTRICTED;
33 *level = sandbox::USER_LIMITED;
35 *level = sandbox::USER_INTERACTIVE;
37 *level = sandbox::USER_NON_ADMIN;
39 *level = sandbox::USER_RESTRICTED_SAME_ACCESS;
41 *level = sandbox::USER_UNPROTECTED;
49 bool GetJobLevelFromString(const wchar_t *param, sandbox::JobLevel* level)
    [all...]
  /external/chromium_org/sandbox/mac/
bootstrap_sandbox.cc 5 #include "sandbox/mac/bootstrap_sandbox.h"
14 #include "sandbox/mac/launchd_interception_server.h"
16 namespace sandbox { namespace
23 scoped_ptr<BootstrapSandbox> sandbox(new BootstrapSandbox());
24 sandbox->server_.reset(new LaunchdInterceptionServer(sandbox.get()));
30 sandbox->server_bootstrap_name().c_str(), &port);
33 << "Failed to bootstrap_check_in the sandbox server.";
38 // Start the sandbox server.
39 if (sandbox->server_->Initialize(scoped_port.get())
    [all...]
xpc.h 16 #include "sandbox/mac/xpc_stubs.h"
19 #include "sandbox/mac/xpc_stubs_header.fragment"
26 #include "sandbox/mac/xpc_stubs.sig"
28 #include "sandbox/mac/xpc_private_stubs.sig"
35 #include "sandbox/mac/xpc_private_stubs.sig"
  /external/chromium_org/native_client_sdk/src/doc/reference/sandbox_internals/
index.rst 4 Sandbox Internals
7 The sandbox internals documentation describes implementation details for
9 Client. These details can be useful to reimplement a sandbox, or to
20 untrusted: it too runs in a Native Client sandbox described below.
24 * :ref:`ARM 32-bit <arm-32-bit-sandbox>`.
25 * x86-32: the original design is described in `Native Client: A Sandbox
29 * :ref:`x86-64 <x86-64-sandbox>`.
  /external/chromium_org/sandbox/win/src/
integrity_level_test.cc 10 #include "sandbox/win/src/sandbox.h"
11 #include "sandbox/win/src/sandbox_policy.h"
12 #include "sandbox/win/src/sandbox_factory.h"
13 #include "sandbox/win/tests/common/controller.h"
15 namespace sandbox { namespace
90 } // namespace sandbox
named_pipe_policy.cc 5 #include "sandbox/win/src/named_pipe_policy.h"
9 #include "sandbox/win/src/ipc_tags.h"
10 #include "sandbox/win/src/policy_engine_opcodes.h"
11 #include "sandbox/win/src/policy_params.h"
12 #include "sandbox/win/src/sandbox_types.h"
43 namespace sandbox { namespace
86 } // namespace sandbox
target_interceptions.cc 5 #include "sandbox/win/src/target_interceptions.h"
7 #include "sandbox/win/src/interception_agent.h"
8 #include "sandbox/win/src/sandbox_factory.h"
9 #include "sandbox/win/src/sandbox_nt_util.h"
10 #include "sandbox/win/src/target_services.h"
12 namespace sandbox { namespace
100 } // namespace sandbox
named_pipe_dispatcher.cc 5 #include "sandbox/win/src/named_pipe_dispatcher.h"
10 #include "sandbox/win/src/crosscall_client.h"
11 #include "sandbox/win/src/interception.h"
12 #include "sandbox/win/src/interceptors.h"
13 #include "sandbox/win/src/ipc_tags.h"
14 #include "sandbox/win/src/named_pipe_interception.h"
15 #include "sandbox/win/src/named_pipe_policy.h"
16 #include "sandbox/win/src/policy_broker.h"
17 #include "sandbox/win/src/policy_params.h"
18 #include "sandbox/win/src/sandbox.h
21 namespace sandbox { namespace
    [all...]
named_pipe_policy.h 12 #include "sandbox/win/src/crosscall_server.h"
13 #include "sandbox/win/src/policy_low_level.h"
14 #include "sandbox/win/src/sandbox_policy.h"
16 namespace sandbox { namespace
43 } // namespace sandbox
service_resolver.cc 5 #include "sandbox/win/src/service_resolver.h"
8 #include "sandbox/win/src/internal_types.h"
9 #include "sandbox/win/src/sandbox_nt_util.h"
11 namespace sandbox { namespace
46 } // namespace sandbox
win2k_threadpool.h 10 #include "sandbox/win/src/crosscall_server.h"
12 namespace sandbox { namespace
15 // for the sandbox IPC subsystem. See sandbox\crosscall_server.h for the details
56 } // namespace sandbox
  /external/chromium_org/components/nacl/loader/
nacl_main_platform_delegate_linux.cc 16 // The setuid sandbox is started in the zygote process: zygote_main_linux.cc
19 // The seccomp sandbox is started in the renderer.
26 // The seccomp sandbox should not be enabled for Native Client until
29 // At best, NaCl will not work. At worst, enabling the seccomp sandbox
30 // could create a hole in the NaCl sandbox.
  /external/chromium_org/third_party/WebKit/PerformanceTests/Mutation/
remove-child-deep.html 5 <div id="sandbox" style="display:none"></div>
7 var sandbox = document.getElementById('sandbox');
8 var node = sandbox;
32 observer.observe(sandbox, {childList: true, subtree: true});
  /external/chromium_org/sandbox/linux/suid/client/
setuid_sandbox_client.cc 5 #include "sandbox/linux/suid/client/setuid_sandbox_client.h"
28 #include "sandbox/linux/services/init_process_reaper.h"
29 #include "sandbox/linux/suid/common/sandbox.h"
30 #include "sandbox/linux/suid/common/suid_unsafe_environment_variables.h"
40 // setuid sandbox. Old versions of the sandbox will ignore this.
42 env->SetVar(sandbox::kSandboxEnvironmentApiRequest,
43 base::IntToString(sandbox::kSUIDSandboxApiNumber));
47 // sandbox. This is to allow nesting of one instance of the SUID sandbo
137 namespace sandbox { namespace
    [all...]
  /external/chromium_org/chrome/common/extensions/docs/templates/articles/manifest/
sandbox.html 1 <h1 id="sandbox">Manifest - Sandbox</h1>
6 with them. Being in a sandbox has two implications:
21 served in a sandbox with a custom CSP:</p>
26 "sandbox": {
33 "sandbox allow-scripts; script-src https://www.google.com"
41 <code>sandbox allow-scripts allow-forms</code>. You can specify your CSP
42 value to restrict the sandbox even further, but it must have the <code>sandbox</code>
44 <a href="http://www.whatwg.org/specs/web-apps/current-work/multipage/the-iframe-element.html#attr-iframe-sandbox">th
    [all...]

Completed in 361 milliseconds

1 2 3 45 6 7 8 91011>>