sandboxed_process_launcher_delegate.h revision a1401311d1ab56c4ed0a474bd38c108f75cb0cd9 
1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef CONTENT_PUBLIC_COMMON_SANDBOXED_PROCESS_LAUNCHER_DELEGATE_H_
6#define CONTENT_PUBLIC_COMMON_SANDBOXED_PROCESS_LAUNCHER_DELEGATE_H_
7
8#include "base/environment.h"
9#include "base/process/process.h"
10
11#include "content/common/content_export.h"
12
13namespace base {
14class FilePath;
15}
16
17namespace sandbox {
18class TargetPolicy;
19}
20
21namespace content {
22
23// Allows a caller of StartSandboxedProcess or
24// BrowserChildProcessHost/ChildProcessLauncher to control the sandbox policy,
25// i.e. to loosen it if needed.
26// The methods below will be called on the PROCESS_LAUNCHER thread.
27class CONTENT_EXPORT SandboxedProcessLauncherDelegate {
28 public:
29  virtual ~SandboxedProcessLauncherDelegate() {}
30
31#if defined(OS_WIN)
32  // Override to return true if the process should be launched as an elevated
33  // process (which implies no sandbox).
34  virtual bool ShouldLaunchElevated();
35
36  // By default, the process is launched sandboxed. Override this method to
37  // return false if the process should be launched without a sandbox
38  // (i.e. through base::LaunchProcess directly).
39  virtual bool ShouldSandbox();
40
41  // Called before the default sandbox is applied. If the default policy is too
42  // restrictive, the caller should set |disable_default_policy| to true and
43  // apply their policy in PreSpawnTarget. |exposed_dir| is used to allow a
44  //directory through the sandbox.
45  virtual void PreSandbox(bool* disable_default_policy,
46                          base::FilePath* exposed_dir) {}
47
48  // Called right before spawning the process.
49  virtual void PreSpawnTarget(sandbox::TargetPolicy* policy,
50                              bool* success) {}
51
52  // Called right after the process is launched, but before its thread is run.
53  virtual void PostSpawnTarget(base::ProcessHandle process) {}
54
55#elif defined(OS_POSIX)
56  // Override this to return true to use the setuid sandbox.
57  virtual bool ShouldUseZygote();
58
59  // Override this if the process needs a non-empty environment map.
60  virtual base::EnvironmentMap GetEnvironment();
61
62  // Return the file descriptor for the IPC channel.
63  virtual int GetIpcFd() = 0;
64
65#endif
66};
67
68}  // namespace content
69
70#endif  // CONTENT_PUBLIC_COMMON_SANDBOXED_PROCESS_LAUNCHER_DELEGATE_H_
71