chromium/content/public/common/sandbox_linux.h


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32

// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CONTENT_PUBLIC_COMMON_SANDBOX_LINUX_H_
#define CONTENT_PUBLIC_COMMON_SANDBOX_LINUX_H_

namespace content {

// These form a bitmask which describes the conditions of the Linux sandbox.
// Note: this doesn't strictly give you the current status, it states
// what will be enabled when the relevant processes are initialized.
enum LinuxSandboxStatus {
  // SUID sandbox active.
  kSandboxLinuxSUID = 1 << 0,

  // SUID sandbox is using the PID namespace.
  kSandboxLinuxPIDNS = 1 << 1,

  // SUID sandbox is using the network namespace.
  kSandboxLinuxNetNS = 1 << 2,

  // seccomp-bpf sandbox active.
  kSandboxLinuxSeccompBPF = 1 << 3,

  // A flag that denotes an invalid sandbox status.
  kSandboxLinuxInvalid = 1 << 31,
};

}  // namespace content

#endif  // CONTENT_PUBLIC_COMMON_SANDBOX_LINUX_H_