Linux sandbox: better APIs with /proc/ arguments
Unify sandbox:: APIs to always take /proc/ file descriptors
instead of /proc/self/ or /proc/self/task/.
Moreover, require |proc_fd| arguments to critical APIs rather
than rely on the caller to perform the right checks.
A descriptor to /proc is a better choice than a descriptor to
/proc/self/* because it keeps the same semantics after a fork().
BUG=312380, 457377
TBR=nasko
Review URL: https://codereview.chromium.org/938223004
Cr-Commit-Position: refs/heads/master@{#317757}
23 files changed