Preload decoder DSO before engaging the sandbox
Due to an upcoming change in glibc, we won't be able to support dlopening after engaging the sandbox unless a very new kernel. So we preload the libimedecoder in the sandbox hook and remove the permissions of its shared library dependencies from the sandbox. TEST=builds and run on vm. Bug: 837156 Change-Id: I64bcb651c055553390785d8cb1eaa2e516157a3b Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2423826Reviewed-by:Matthew Denton <mpdenton@chromium.org> Commit-Queue: Leo Zhang <googleo@chromium.org> Cr-Commit-Position: refs/heads/master@{#810065}
Showing
Please register or sign in to comment