Uses of Chromium's utility process

[Jorge Lucangeli Obes]

Hi all,

I'm working on sandboxing Chromium's utility process on Linux, which
is not currently running inside the sandbox due to details in the
Linux sandbox implementation.

This issue was first mentioned here:
http://code.google.com/p/chromium/issues/detail?id=22703: All
subprocess creation needs to go through zygote

Then tracked here:
http://code.google.com/p/chromium/issues/detail?id=23837: sandbox
UtilityProcess on Linux

where it stalled. It then resurfaced here:
http://code.google.com/p/chromium/issues/detail?id=93109: Utility
process is only sandboxed on Win/Mac

which is what we are tracking right now.

I want to check that I didn't miss any uses of the utility process,
hence this email. So far, I have the list of messages at:

chromium/src/content/common/utility_messages.h

and:

chromium/src/chrome/common/chrome_utility_messages.h

Am I missing anything?

Thanks,
Jorge

[John Abd-El-Malek]

These are all the messages. Note that we have a mode to run the utility process as unsandboxed, currently used for loading the plugin list out of process.

 

Thanks,
Jorge

--
Chromium Developers mailing list: chromi...@chromium.org
View archives, change email options, or unsubscribe:
   http://groups.google.com/a/chromium.org/group/chromium-dev

[Jorge Lucangeli Obes]

Yes, thank you, I had noticed that. So far, from what I see, the only
functionality that needs file access on Linux -file access is what's
not yet supported by the Linux sandbox- is the unpacking of
extensions.