Adresa
:
[go:
nahoru
,
domu
]
Sign in
chromium
/
chromium
/
src
/
89a3da2f7d11ce62fe6b8de2794692258bfc8653
/
sandbox
4ca8312
seccomp: Allow per-PID clock as arguments to clock_gettime on Android.
by Tobias Sargeant
· 7 years ago
70fab0f
Fix syscall unittest: Syscall.ComplexSyscallSixArgs on Loongson.
by Wang Qing
· 7 years ago
a1bc9d0
macOS V2 Sandbox: Prevent the seatbelt client writev() from blocking.
by Greg Kerr
· 7 years ago
2a59f25
Reland "Update Android NDK to r16"
by bsheedy
· 7 years ago
fa5ed9f5
[Android] Allow setsockopt(<fd>, SOL_SOCKET, SO_SNDBUF, ...)
by Robert Sesek
· 7 years ago
bfdc3fd
Reduce includes of windows.h
by Bruce Dawson
· 7 years ago
0d72bb149
Roll clang 318667:321529.
by Reid Kleckner
· 7 years ago
bcd195d
Revert "Roll clang 318667:321204."
by Brad Lassey
· 7 years ago
0c42dd04
Reland "Added AppContainerProfile support to policy."
by James Forshaw
· 7 years ago
b3ed178
Revert "Added AppContainerProfile support to policy."
by Balazs Engedy
· 7 years ago
b8c94b9
Added AppContainerProfile support to policy.
by James Forshaw
· 7 years ago
ece1b14
Roll clang 318667:321204.
by Peter Collingbourne
· 7 years ago
c5ef3eda
Revert "Update Android NDK to r16"
by Brian Sheedy
· 7 years ago
2c1e0069
Update Android NDK to r16
by bsheedy
· 7 years ago
a84722a
Allow stat() in syscall broker if create permissions granted [linux]
by Tom Sepez
· 7 years ago
d4429890
Get sbox_instrumentation_tests running on X64.
by Sigurdur Asgeirsson
· 7 years ago
99cf160
crash_keys: Convert "seccomp-sigsys" to the new API.
by Robert Sesek
· 7 years ago
410c205
Revert "Roll clang 318667:320471."
by Hans Wennborg
· 7 years ago
92c16a7
Update sandbox code OWNERS.
by Chris Palmer
· 7 years ago
b592ae8
Roll clang 318667:320471.
by Hans Wennborg
· 7 years ago
510fa119
Fix CFI bad casts in ServiceResolverTest.
by Peter Collingbourne
· 7 years ago
79d229f
[linux] O_EXCL requirement in brokered open call too restrictive.
by Tom Sepez
· 7 years ago
318fca2
Proxy mkdir, rmdir, and unlink subject to permissions.
by Tom Sepez
· 7 years ago
18f5754
Rename syscall_broker::BrokerPolicy to BrokerPermissionList
by Tom Sepez
· 7 years ago
4776da5
Clean up code in broker_client.cc
by Tom Sepez
· 7 years ago
31b37bf7
Prevent BrokerProcess.StatFile failing on android.
by Tom Sepez
· 7 years ago
a788b14
Restrict command processed by syscall_broker process.
by Tom Sepez
· 7 years ago
1a70fdd
remove valgrind checks from //sandbox/linux
by Mostyn Bramley-Moore
· 7 years ago
b52d156
Use unique error value in broker_process_unitetest.cc
by Tom Sepez
· 7 years ago
2d078a6
Broker readlink system call subject to read permissions.
by Tom Sepez
· 7 years ago
e51d4d94
Broker rename(2) system call subject to write permissions.
by Tom Sepez
· 7 years ago
0abf534
Added impersonation capabilities.
by James Forshaw
· 7 years ago
12b8d4ba
Broker stat(2) system calls subject to read permissions.
by Tom Sepez
· 7 years ago
8e969ee
[Android] Permit PR_GET_NO_NEW_PRIVS under seccomp.
by Robert Sesek
· 7 years ago
c144209
Update comment for BrokerProcess constructor
by Tom Sepez
· 7 years ago
b77981e
Add a PRESUBMIT in //sandbox/linux to add extra CQ bots for Seccomp changes.
by Robert Sesek
· 7 years ago
452bf63
[jumbo] use RunningOnValgrind from dynamic_annotations
by Mostyn Bramley-Moore
· 7 years ago
467e6e5
Rename BrokerFilePermission::unlink_ to temporary_only_
by Tom Sepez
· 7 years ago
88c0816
Tidy BrokerProcess::SIGSYS_Handler()
by Tom Sepez
· 7 years ago
a19dd0b
Consolidate syscall broker policies and signal handling.
by Tom Sepez
· 7 years ago
322a049
Start up network service syscall broker process.
by Tom Sepez
· 7 years ago
c287196
Implement generic method for determining broker sandbox policy.
by Tom Sepez
· 7 years ago
1c00250
Spell length correctly
by Tom Anderson
· 7 years ago
0fe3176e
Get rid of most std::vector<int>::iterator usage.
by Lei Zhang
· 7 years ago
f4f97a9
Re-land "Move sandbox_win.cc to services/service_manager/sandbox/win""
by Tom Sepez
· 7 years ago
2e41759
Revert "Move sandbox_win.cc to services/service_manager/sandbox/win"
by Khushal
· 7 years ago
72709c6
Move sandbox_win.cc to services/service_manager/sandbox/win
by Tom Sepez
· 7 years ago
e2fd798
Linux sandbox: Fix GetGlibcCachedTid returning 0 on some systems
by Tom Anderson
· 7 years ago
4193247
Promote win10_chromium_x64_rel_ng to the commit queue
by smut
· 7 years ago
82f6080f
Hook up new rc.py.
by Nico Weber
· 7 years ago
8501acd
Added AppContainerProfile implementation
by James Forshaw
· 7 years ago
84ca74d
Moved lowbox token creation to restricted token utilities.
by James Forshaw
· 7 years ago
47311f43
Fix known capabilities on Win8.
by James Forshaw
· 7 years ago
9af9d60
[Android] Allow eventfd syscalls under Seccomp.
by Robert Sesek
· 7 years ago
0b19fc1
Additional features for Sid class.
by James Forshaw
· 7 years ago
56b10e3
Fix out-of-bounds read in sandbox broker.
by Will Harris
· 7 years ago
49b21cb
Add a fuzzer for the Windows sandbox IPC parser.
by Will Harris
· 7 years ago
b7320eca
Replace cast of wchar_t to string16 with call to base::WideToUTF16.
by Will Harris
· 7 years ago
0dbd918
Coding standard changes to sandbox/win/src
by Will Harris
· 7 years ago
b861eb3
Run clang-format on sandbox/win/src
by Will Harris
· 7 years ago
007f3c8
Update sandbox::SeatbeltExtension documentation
by Xiaohan Wang
· 7 years ago
b35515df
Remove sandbox/mac dependency on //base.
by Greg Kerr
· 7 years ago
c5f8071
Reland "Create sandbox::SeatbeltExtension to dynamically expand the Mac sandbox policy."
by Robert Sesek
· 7 years ago
191c578
[NtRegistry] APIs to help with enumeration added.
by Penny MacNeil
· 7 years ago
2d34242
Revert "Create sandbox::SeatbeltExtension to dynamically expand the Mac sandbox policy."
by Thomas Anderson
· 7 years ago
2a49491
Add rsesek to /sandbox/OWNERS
by Justin Schuh
· 7 years ago
fa1f0b2
Create sandbox::SeatbeltExtension to dynamically expand the Mac sandbox policy.
by Robert Sesek
· 7 years ago
eba36b2
Reland "Implemented changes to Sid class for AC support."
by James Forshaw
· 7 years ago
ef78a10
Fix some clang warnings in sandbox/win.
by Will Harris
· 7 years ago
f700327e
Win sandbox: Fix uninitialized variable leaks from broker to target.
by Will Harris
· 7 years ago
60c5e605
Support seccomp-bpf for mips64el in Android
by Gordana Cmiljanovic
· 7 years ago
34399a4
Reland "[Android] Allow __NR_process_vm_readv under Seccomp."
by Robert Sesek
· 7 years ago
6a53e53
Revert "[Android] Allow __NR_process_vm_readv under Seccomp."
by Tao Bai
· 7 years ago
7844944
[Android] Allow __NR_process_vm_readv under Seccomp.
by Robert Sesek
· 7 years ago
534d7ce
Add support for using seccomp_bpf on mips64el.
by Wang Qing
· 7 years ago
3a3410e0e
Tidy up sandbox_seccomp_bpf_linux
by Tom Sepez
· 7 years ago
837e59d
Remove boostrap sandbox code.
by Greg Kerr
· 7 years ago
0393f24
Revert "Implemented changes to Sid class for AC support."
by James Forshaw
· 7 years ago
251a33116
Implemented changes to Sid class for AC support.
by James Forshaw
· 7 years ago
a28bda9
sandbox_linux: Allow setting limits via prlimit().
by Justin TerAvest
· 7 years ago
ca22fbf
Use DCHECKs instead of CHECKs when checking for Seccomp-BPF TSYNC support.
by Chris Palmer
· 7 years ago
876fdbbf
Don't use dangerous HeapLock(), tests failing on GCE Win10 Bot.
by Liam Murphy
· 7 years ago
db4c64b
Correct two bugs in Windows sandboxing alternate desktops:
by Alex Gaynor
· 7 years ago
2ae19c2
[Windows Sandbox Tests] Temporarily disable CFG check test.
by Penny MacNeil
· 7 years ago
5dae9bd
Clamp resource limit adjustment to current hard limit
by Eric Holk
· 7 years ago
5925c47
Don't PCHECK() in SetGidAndUidMaps
by Tom Anderson
· 7 years ago
4a44260b
Revert "Changing multiprocess test SpawnChild to return a struct instead of a"
by Jay Civelli
· 7 years ago
29cf09b
CRSSS lockdown. Support different heap structures for Win32.
by Liam Murphy
· 7 years ago
56c87b6
Fix seccomp_bpf tests with ubsan_vptr.
by Evgenii Stepanov
· 7 years ago
0cb5dad
Added support for using alternate desktops both and with and without alternate winstations in a single process
by Alex Gaynor
· 7 years ago
99d57e4
[Windows Sandbox Tests] ProcessMitigationsTest*PreferSys32* failures.
by Penny MacNeil
· 7 years ago
f398005
Reimplemented GetProcessBaseAddress
by James Forshaw
· 7 years ago
fe528e14
win: Unbreak msvc unofficial release builds a bit.
by Nico Weber
· 7 years ago
f35574b
Dynamically adjust address space limit for array buffer reservations
by Eric Holk
· 7 years ago
fb04104
Disable CSRSS lockdown on 32-bit.
by Will Harris
· 7 years ago
0a29c32
[Windows Sandbox] Possible short/8.3 form native file paths prevent startup.
by Penny MacNeil
· 7 years ago
4e33415
Remove usage of readdir_r() in Chromium code
by Tom Anderson
· 7 years ago
e9e1e03
Corrected the list of supported Windows versions for a sandboxing feature
by Alex Gaynor
· 7 years ago
da4d470
Remove emeritus Linux sandbox owners.
by Brett Wilson
· 7 years ago
b5c1a79
[Android] Permit PR_SET_TIMERSLACK option to prctl.
by Robert Sesek
· 7 years ago
Next »