commit | b94f6817d3a0e20ec5c3393a4eb13dd360acbd4e | [log] [tgz] |
---|---|---|
author | jln <jln@chromium.org> | Thu Feb 12 04:53:04 2015 |
committer | Commit bot <commit-bot@chromium.org> | Thu Feb 12 04:53:27 2015 |
tree | bc6d7dc47b28e2fe0aa0092d284ed16888704c24 | |
parent | cffa4164960b8bff230276d51c1e82bac87c248c [diff] |
Namespace sandbox: add important security checks When engaging the namespace sandbox, add important checks that the process is single threaded and has no directory file descriptor open. As part of this change, move the function engaging the namespace sandbox from the Zygote to the LinuxSandbox class. BUG=457377, 312380 Review URL: https://codereview.chromium.org/915823002 Cr-Commit-Position: refs/heads/master@{#315932}