| Elly Fong-Jones | d9a16cd | 2012-11-12 16:09:49 -0500 | [diff] [blame] | 1 | // Copyright (c) 2012 The Chromium OS Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| 5 | #ifndef SANDBOXED_PROCESS_H |
| 6 | #define SANDBOXED_PROCESS_H |
| 7 | |
| 8 | #include <chromeos/process.h> |
| 9 | |
| 10 | namespace debugd { |
| 11 | |
| 12 | class SandboxedProcess : public chromeos::ProcessImpl { |
| 13 | public: |
| 14 | SandboxedProcess(); |
| Ben Chan | 297c3c2 | 2013-07-17 17:34:12 -0700 | [diff] [blame] | 15 | virtual ~SandboxedProcess(); |
| 16 | |
| 17 | // Get the full path of a helper executable located at the |relative_path| |
| 18 | // relative to the debugd helpers directory. Return false if the full path |
| 19 | // is too long. |
| 20 | static bool GetHelperPath(const std::string& relative_path, |
| 21 | std::string* full_path); |
| Elly Fong-Jones | d9a16cd | 2012-11-12 16:09:49 -0500 | [diff] [blame] | 22 | |
| 23 | virtual bool Init(); |
| 24 | |
| 25 | // Disable the default sandboxing for this process |
| 26 | virtual void DisableSandbox(); |
| 27 | |
| 28 | // Change the default sandboxing for this process |
| 29 | virtual void SandboxAs(const std::string& user, const std::string& group); |
| 30 | |
| Elly Fong-Jones | 215b562 | 2013-03-20 14:32:18 -0400 | [diff] [blame] | 31 | static const char *kDefaultUser; |
| 32 | static const char *kDefaultGroup; |
| 33 | |
| Elly Fong-Jones | d9a16cd | 2012-11-12 16:09:49 -0500 | [diff] [blame] | 34 | private: |
| 35 | bool sandboxing_; |
| 36 | std::string user_; |
| 37 | std::string group_; |
| 38 | }; |
| 39 | |
| 40 | }; // namespace debugd |
| 41 | |
| 42 | #endif // SANDBOXED_PROCESS_H |