sandboxed_process_launcher_delegate.h revision a1401311d1ab56c4ed0a474bd38c108f75cb0cd9
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CONTENT_PUBLIC_COMMON_SANDBOXED_PROCESS_LAUNCHER_DELEGATE_H_
#define CONTENT_PUBLIC_COMMON_SANDBOXED_PROCESS_LAUNCHER_DELEGATE_H_

#include "base/environment.h"
#include "base/process/process.h"

#include "content/common/content_export.h"

// Forward declarations: both types are only used through pointers below, so
// their full definitions are not needed in this header.
namespace base {
class FilePath;
}

namespace sandbox {
class TargetPolicy;
}

namespace content {

// Allows a caller of StartSandboxedProcess or
// BrowserChildProcessHost/ChildProcessLauncher to control the sandbox policy,
// i.e. to loosen it if needed.
// The methods below will be called on the PROCESS_LAUNCHER thread.
//
// Every hook here can only keep or weaken the isolation of the launched
// process: an override that opts out of the sandbox, requests elevation,
// disables the default policy or exposes a directory widens what the child can
// reach. Overrides are therefore worth the same review as a sandbox policy
// change. The set of methods depends on the platform (OS_WIN vs OS_POSIX).
class CONTENT_EXPORT SandboxedProcessLauncherDelegate {
 public:
  virtual ~SandboxedProcessLauncherDelegate() {}

#if defined(OS_WIN)
  // Override to return true if the process should be launched as an elevated
  // process (which implies no sandbox).
  // NOTE(review): the default implementation is defined outside this header;
  // it presumably returns false -- confirm before relying on it.
  virtual bool ShouldLaunchElevated();

  // By default, the process is launched sandboxed. Override this method to
  // return false if the process should be launched without a sandbox
  // (i.e. through base::LaunchProcess directly).
  // Returning false removes the sandbox for this child entirely, so the
  // override should be limited to process types that cannot run inside it.
  virtual bool ShouldSandbox();

  // Called before the default sandbox is applied. If the default policy is too
  // restrictive, the caller should set |disable_default_policy| to true and
  // apply their policy in PreSpawnTarget. |exposed_dir| is used to allow a
  // directory through the sandbox.
  // Both parameters are out-parameters. The default implementation is empty
  // and writes to neither, so whatever values the caller initialized them with
  // stay in effect.
  // NOTE(review): the access granted on |exposed_dir| (read-only vs. writable,
  // recursive or not) is not stated in this header -- confirm against the
  // launcher before exposing a path, and keep the path out of the control of
  // the sandboxed process.
  virtual void PreSandbox(bool* disable_default_policy,
                          base::FilePath* exposed_dir) {}

  // Called right before spawning the process.
  // |policy| is the policy object the override can adjust; this is where a
  // replacement policy is applied when PreSandbox disabled the default one.
  // |success| is an out-parameter that the empty default implementation leaves
  // untouched.
  // NOTE(review): presumably setting |*success| to false makes the launcher
  // abandon the spawn -- confirm against the caller.
  virtual void PreSpawnTarget(sandbox::TargetPolicy* policy,
                              bool* success) {}

  // Called right after the process is launched, but before its thread is run.
  // |process| is the handle of the newly launched process. The default
  // implementation does nothing.
  virtual void PostSpawnTarget(base::ProcessHandle process) {}

#elif defined(OS_POSIX)
  // Override this to return true to use the setuid sandbox.
  // NOTE(review): the method name refers to the zygote while the comment above
  // refers to the setuid sandbox; how the two relate, and how the process is
  // confined when this returns false, is not visible in this header --
  // confirm against the launcher.
  virtual bool ShouldUseZygote();

  // Override this if the process needs a non-empty environment map.
  // NOTE(review): the returned entries are presumably placed in the child's
  // environment, where the child can read them -- confirm, and return only
  // values the child is meant to see.
  virtual base::EnvironmentMap GetEnvironment();

  // Return the file descriptor for the IPC channel.
  // Pure virtual: every delegate on this platform must implement it.
  // NOTE(review): ownership of the returned descriptor (who closes it) is not
  // stated here -- confirm against the caller.
  virtual int GetIpcFd() = 0;

#endif
};

}  // namespace content

#endif  // CONTENT_PUBLIC_COMMON_SANDBOXED_PROCESS_LAUNCHER_DELEGATE_H_