Backed out changeset 201612a0b133

2024-09-13 09:24:08 -07:00 · 2012-07-26 21:55:41 -07:00 · 2012-07-26 21:55:41 -07:00 · 8f442054ec
commit 8f442054ec
parent ecc03ecd86
3 changed files with 2 additions and 67 deletions
--- a/ipc/chromium/src/base/process_util.h
+++ b/ipc/chromium/src/base/process_util.h
@ -160,22 +160,11 @@ bool LaunchApp(const std::vector<std::string>& argv,
               bool wait, ProcessHandle* process_handle);

 typedef std::map<std::string, std::string> environment_map;
-enum ChildPrivileges {
-  UNPRIVILEGED,
-  SAME_PRIVILEGES_AS_PARENT
-};
-bool LaunchApp(const std::vector<std::string>& argv,
-               const file_handle_mapping_vector& fds_to_remap,
-               const environment_map& env_vars_to_set,
-               ChildPrivileges privs,
-               bool wait, ProcessHandle* process_handle,
-               ProcessArchitecture arch=GetCurrentProcessArchitecture());
 bool LaunchApp(const std::vector<std::string>& argv,
               const file_handle_mapping_vector& fds_to_remap,
               const environment_map& env_vars_to_set,
               bool wait, ProcessHandle* process_handle,
               ProcessArchitecture arch=GetCurrentProcessArchitecture());
-
 #endif

 // Executes the application specified by cl. This function delegates to one
--- a/ipc/chromium/src/base/process_util_linux.cc
+++ b/ipc/chromium/src/base/process_util_linux.cc
@ -23,16 +23,7 @@
 #ifdef ANDROID
 #include <pthread.h>
 /*
- * AID_APP is the first application UID used by Android. We're using
- * it as our unprivilegied UID.  This ensure the UID used is not
- * shared with any other processes than our own childs.
- */
-#include <private/android_filesystem_config.h>
-#define CHILD_UNPRIVILEGED_UID AID_APP
-#define CHILD_UNPRIVILEGED_GID AID_APP
-/*
- * Currently, PR_DuplicateEnvironment is implemented in
- * mozglue/build/BionicGlue.cpp
+ * Currently, PR_DuplicateEnvironment is implemented in mozglue/build/BionicGlue.cpp
 */
 #define HAVE_PR_DUPLICATE_ENVIRONMENT

@ -41,14 +32,6 @@
 #include "prmem.h"
 /* Temporary until we have PR_DuplicateEnvironment in prenv.h */
 extern "C" { NSPR_API(pthread_mutex_t *)PR_GetEnvLock(void); }
-#else
-/*
- * On platforms that are not Android based, we fall back to an
- * arbitrary UID. This is generally the UID for user `nobody', albeit
- * it is not always the case.
- */
-#define CHILD_UNPRIVILEGED_UID 65534
-#define CHILD_UNPRIVILEGED_GID 65534
 #endif

 namespace {
@ -181,17 +164,6 @@ bool LaunchApp(const std::vector<std::string>& argv,
               const environment_map& env_vars_to_set,
               bool wait, ProcessHandle* process_handle,
               ProcessArchitecture arch) {
-  return LaunchApp(argv, fds_to_remap, env_vars_to_set,
-                   SAME_PRIVILEGES_AS_PARENT,
-                   wait, process_handle);
-}
-
-bool LaunchApp(const std::vector<std::string>& argv,
-               const file_handle_mapping_vector& fds_to_remap,
-               const environment_map& env_vars_to_set,
-               ChildPrivileges privs,
-               bool wait, ProcessHandle* process_handle,
-               ProcessArchitecture arch) {
  scoped_array<char*> argv_cstr(new char*[argv.size() + 1]);
  // Illegal to allocate memory after fork and before execvp
  InjectiveMultimap fd_shuffle1, fd_shuffle2;
@ -228,19 +200,6 @@ bool LaunchApp(const std::vector<std::string>& argv,
      argv_cstr[i] = const_cast<char*>(argv[i].c_str());
    argv_cstr[argv.size()] = NULL;

-    if (privs == UNPRIVILEGED) {
-      if (setgid(CHILD_UNPRIVILEGED_GID) != 0) {
-        DLOG(ERROR) << "FAILED TO setgid() CHILD PROCESS, path: " << argv_cstr[0];
-        _exit(127);
-      }
-      if (setuid(CHILD_UNPRIVILEGED_UID) != 0) {
-        DLOG(ERROR) << "FAILED TO setuid() CHILD PROCESS, path: " << argv_cstr[0];
-        _exit(127);
-      }
-      if (chdir("/") != 0)
-        gProcessLog.print("==> could not chdir()\n");
-    }
-
 #ifdef HAVE_PR_DUPLICATE_ENVIRONMENT
    execve(argv_cstr[0], argv_cstr.get(), envp);
 #else
--- a/ipc/glue/GeckoChildProcessHost.cpp
+++ b/ipc/glue/GeckoChildProcessHost.cpp
@ -51,16 +51,6 @@ using mozilla::ipc::GeckoChildProcessHost;
 static const int kMagicAndroidSystemPropFd = 5;
 #endif

-static const bool kLowRightsSubprocesses =
-  // We currently only attempt to drop privileges on gonk, because we
-  // have no plugins or extensions to worry about breaking.
-#ifdef MOZ_WIDGET_GONK
-  true
-#else
-  false
-#endif
-  ;
-
 static bool
 ShouldHaveDirectoryService()
 {
@ -424,9 +414,6 @@ GeckoChildProcessHost::PerformAsyncLaunchInternal(std::vector<std::string>& aExt

 #if defined(OS_LINUX) || defined(OS_MACOSX)
  base::environment_map newEnvVars;
-  base::ChildPrivileges privs = kLowRightsSubprocesses ?
-                                base::UNPRIVILEGED :
-                                base::SAME_PRIVILEGES_AS_PARENT;
  // XPCOM may not be initialized in some subprocesses.  We don't want
  // to initialize XPCOM just for the directory service, especially
  // since LD_LIBRARY_PATH is already set correctly in subprocesses
@ -592,7 +579,7 @@ GeckoChildProcessHost::PerformAsyncLaunchInternal(std::vector<std::string>& aExt

  base::LaunchApp(childArgv, mFileMap,
 #if defined(OS_LINUX) || defined(OS_MACOSX)
-                  newEnvVars, privs,
+                  newEnvVars,
 #endif
                  false, &process, arch);