services/shell: Turn on sandboxing for mojo apps.

Turn on sandbox for mojo apps by default. Apps that need to run without a sandbox need to include 'shell:unsandboxed' in their capabilities in manifest for mojo:shell. Update manifests for mojo:ui, mojo:font_service, mojo:file_system, and mojo:leveldb services to include 'shell:unsandboxed'. BUG=645602, 646376 Review-Url: https://codereview.chromium.org/2338793003 Cr-Commit-Position: refs/heads/master@{#419891}

services/shell: Turn on sandboxing for mojo apps.
Turn on sandbox for mojo apps by default. Apps that need to run without a sandbox need to include 'shell:unsandboxed' in their capabilities in manifest for mojo:shell. Update manifests for mojo:ui, mojo:font_service, mojo:file_system, and mojo:leveldb services to include 'shell:unsandboxed'. BUG=645602, 646376 Review-Url: https://codereview.chromium.org/2338793003 Cr-Commit-Position: refs/heads/master@{#419891}
43aa4f70 · sadrul · Commit bot · 21b26ed4 · 43aa4f70 · 43aa4f70
Commit 43aa4f70 authored Sep 20, 2016 by sadrul Committed by Commit bot Sep 20, 2016
7 changed files
--- a/chrome/app/mash/mash_runner.cc
+++ b/chrome/app/mash/mash_runner.cc
@@ -73,6 +73,14 @@ class NativeRunnerDelegateImpl : public shell::NativeRunnerDelegate {
 #if defined(OS_WIN)
      command_line->AppendArg(switches::kPrefetchArgumentOther);
 #endif
+      if (target.instance() == "font_service" || target.instance() == "ui") {
+        base::CommandLine::StringVector argv(command_line->argv());
+        auto iter = std::find(argv.begin(), argv.end(),
+                              FILE_PATH_LITERAL("--enable-sandbox"));
+        if (iter != argv.end())
+          argv.erase(iter);
+        *command_line = base::CommandLine(argv);
+      }
      return;
    }


--- a/chrome/test/base/mojo_test_connector.cc
+++ b/chrome/test/base/mojo_test_connector.cc
@@ -215,6 +215,14 @@ class MojoTestConnector::NativeRunnerDelegateImpl
      if (target.name() == "exe:mash_browser_tests")
        RemoveMashFromBrowserTests(command_line);
      command_line->AppendSwitch(MojoTestConnector::kMashApp);
+      if (target.instance() == "font_service" || target.instance() == "ui") {
+        base::CommandLine::StringVector argv(command_line->argv());
+        auto iter = std::find(argv.begin(), argv.end(),
+                              FILE_PATH_LITERAL("--enable-sandbox"));
+        if (iter != argv.end())
+          argv.erase(iter);
+        *command_line = base::CommandLine(argv);
+      }
      return;
    }


--- a/components/filesystem/manifest.json
+++ b/components/filesystem/manifest.json
@@ -4,7 +4,8 @@
  "display_name": "File System Service",
  "capabilities": {
    "required": {
-      "*": { "classes": [ "app" ] }
+      "*": { "classes": [ "app" ] },
+      "mojo:shell": { "classes": ["shell:unsandboxed"] }
    }
  }
 }
--- a/components/font_service/manifest.json
+++ b/components/font_service/manifest.json
@@ -9,7 +9,8 @@
      ]
    },
    "required": {
-      "*": { "classes": [ "app" ] }
+      "*": { "classes": [ "app" ] },
+      "mojo:shell": { "classes": ["shell:unsandboxed"] }
    }
  }
 }
--- a/components/leveldb/manifest.json
+++ b/components/leveldb/manifest.json
@@ -4,7 +4,8 @@
  "display_name": "LevelDB Service",
  "capabilities": {
    "required": {
-      "*": { "classes": [ "app" ] }
+      "*": { "classes": [ "app" ] },
+      "mojo:shell": { "classes": ["shell:unsandboxed"] }
    }
  }
 }
--- a/services/shell/service_manager.cc
+++ b/services/shell/service_manager.cc
@@ -39,6 +39,7 @@ const char kCapabilityClass_ClientProcess[] = "shell:client_process";
 const char kCapabilityClass_InstanceName[] = "shell:instance_name";
 const char kCapabilityClass_AllUsers[] = "shell:all_users";
 const char kCapabilityClass_ExplicitClass[] = "shell:explicit_class";
+const char kCapabilityClass_Unsandboxed[] = "shell:unsandboxed";

 }  // namespace

@@ -216,10 +217,10 @@ class ServiceManager::Instance
    StartWithService(std::move(service));
  }

-  void StartWithFilePath(const base::FilePath& path) {
+  void StartWithFilePath(const base::FilePath& path, bool unsandboxed) {
    CHECK(!service_);
    runner_ = service_manager_->native_runner_factory_->Create(path);
-    bool start_sandboxed = false;
+    bool start_sandboxed = !unsandboxed;
    mojom::ServicePtr service = runner_->Start(
        path, identity_, start_sandboxed,
        base::Bind(&Instance::PIDAvailable, weak_factory_.GetWeakPtr()),
@@ -821,7 +822,8 @@ void ServiceManager::OnGotResolvedName(std::unique_ptr<ConnectParams> params,
                       instance_name);
      CreateServiceWithFactory(factory, target.name(), std::move(request));
    } else {
-      instance->StartWithFilePath(result->package_path);
+      bool unsandboxed = HasClass(capabilities, kCapabilityClass_Unsandboxed);
+      instance->StartWithFilePath(result->package_path, unsandboxed);
    }
  }


--- a/services/ui/manifest.json
+++ b/services/ui/manifest.json
@@ -26,7 +26,13 @@
    "required": {
      "mojo:ui": { "classes": [ "ozone" ] },
      "*": { "classes": [ "app" ] },
-      "mojo:shell": { "classes": [ "shell:all_users", "shell:explicit_class" ] }
+      "mojo:shell": {
+        "classes": [
+          "shell:all_users",
+          "shell:explicit_class",
+          "shell:unsandboxed"
+        ]
+      }
    }
  }
 }