SandboxInitialization.h (1663B)
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ 2 /* vim: set ts=2 et sw=2 tw=80: */ 3 /* This Source Code Form is subject to the terms of the Mozilla Public 4 * License, v. 2.0. If a copy of the MPL was not distributed with this 5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 6 7 #ifndef mozilla_sandboxing_SandboxInitialization_h 8 #define mozilla_sandboxing_SandboxInitialization_h 9 10 namespace sandbox { 11 class BrokerServices; 12 class TargetServices; 13 } // namespace sandbox 14 15 // Things that use this file will probably want access to the IsSandboxedProcess 16 // function defined in one of the Chromium sandbox cc files. 17 extern "C" bool IsSandboxedProcess(); 18 19 namespace mozilla { 20 // Note the Chromium code just uses a bare sandbox namespace, which makes using 21 // sandbox for our namespace painful. 22 namespace sandboxing { 23 24 /** 25 * Initializes (if required) and returns the Chromium sandbox TargetServices. 26 * 27 * @return the TargetServices or null if the creation or initialization failed. 28 */ 29 sandbox::TargetServices* GetInitializedTargetServices(); 30 31 /** 32 * Lowers the permissions on the process sandbox. 33 * Provided because the GMP sandbox needs to be lowered from the executable. 34 */ 35 void LowerSandbox(); 36 37 /** 38 * Initializes (if required) and returns the Chromium sandbox BrokerServices. 39 * 40 * @return the BrokerServices or null if the creation or initialization failed. 41 */ 42 sandbox::BrokerServices* GetInitializedBrokerServices(); 43 44 /** 45 * Apply mitigations for parent processes. 46 */ 47 void ApplyParentProcessMitigations(); 48 49 } // namespace sandboxing 50 } // namespace mozilla 51 52 #endif // mozilla_sandboxing_SandboxInitialization_h