Maybe releasing w/out sandbox support on linux will do just that? On Tue, Jan 27, 2009 at 11:12 AM, Linus Upson <[email protected]> wrote: > Can't we shame someone in the linuxosphere to add macos style sandbox() to > the kernel? > Linus > > On Tue, Jan 27, 2009 at 1:58 AM, Dean McNamee <[email protected]> wrote: >> >> Well, we don't have a sandbox on Linux. The normal fd-passing >> recvmesg() should work fine. Who knows if it will work if we ever get >> a sandbox. >> >> On Tue, Jan 27, 2009 at 5:55 AM, Andrew Scherkus <[email protected]> >> wrote: >> > Great! I'm really interested in using shared FDs. >> > Just to clarify, we're unsure whether this works for Linux? >> > Thanks again, >> > Andrew >> > On Mon, Jan 26, 2009 at 2:17 PM, Jeremy Moskovich <[email protected]> >> > wrote: >> >> >> >> There's been discussion recently about sending FDs between processes so >> >> that renderer processes can access files directly. >> >> >> >> I ran some tests on OS X to see whether you can send an FD when the >> >> receiving process is sandboxed. >> >> >> >> It turns out that this does indeed work, even when using the more >> >> restrictive kSBXProfilePureComputation sandbox profile. >> >> >> >> Note that support for this still needs to be added to the POSIX version >> >> of >> >> IPC::Channel. >> >> >> >> Best regards, >> >> Jeremy >> > >> > >> > > >> > >> >> > > > > >
-- Mike Pinkerton Mac Weenie [email protected] --~--~---------~--~----~------------~-------~--~----~ Chromium Developers mailing list: [email protected] View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~----------~----~----~----~------~----~------~--~---
