What Sandbox Do?

  Sandbox leverages the OS-provided security to allow code execution that cannot make persistent changes to the computer or access information that is confidential.

What the Sandbox's structure is?

  Sandbox operates at process-level granularity. Anything that needs to be sandboxed needs to live on a separate process.

  The minimal sandbox configuration has two processes: one that is a privileged controller known as the broker, and one or more sandboxed processes known as the target.

  

Broker

   Browser process(Chromium):

  1. Specify the policy for each target process
  2. Spawn the target processes
  3. Host the sandbox policy engine service
  4. Host the sandbox interception manager
  5. Host the sandbox IPC service (to the target processes)
  6. Perform the policy-allowed actions on behalf of the target process

Target

   Renderers process, hosts all the code that is going to run inside the sandbox:

  1. All code to be sandboxed
  2. The sandbox IPC client
  3. The sandbox policy engine client
  4. The sandbox interceptions

  Target process restrictions:

    • Forbid per-use system-wide changes using SystemParametersInfo(), which can be used to swap the mouse buttons or set the screen saver timeout
    • Forbid the creation or switch of Desktops
    • Forbid changes to the per-user display configuration such as resolution and primary display
    • No read or write to the clipboard
    • Forbid Windows message broadcasts
    • Forbid setting global Windows hooks (using SetWindowsHookEx())
    • Forbid access to the global atoms table
    • Forbid access to USER handles created outside the Job object
    • One active process limit (disallows creating child processes)

  Allowed resource access:

    • Read access to most files
    • Write access to %USER PROFILE%\AppData\LocalLow
    • Read access to most of the registry
    • Write access to HKEY_CURRENT_USER\Software\AppDataLow
    • Clipboard (copy and paste for certain formats)
    • Remote procedure call (RPC)
    • TCP/IP Sockets
    • Window messages exposed via ChangeWindowMessageFilter
    • Shared memory exposed via LI (low integrity) labels
    • COM interfaces with LI (low integrity) launch activation rights
    • Named pipes exposed via LI (low integrity) labels

refers:

https://chromium.googlesource.com/chromium/src/+/master/docs/design/sandbox.md

Chromium(Chrome) Sandbox Details的更多相关文章

  1. Chromium(Chrome) frame structure detail

    1. Chromium VS Chrome Chromium is an open-source Web browser project started by Google, to provide t ...

  2. Ubuntu 16.04下安装64位谷歌Chromium(Chrome)浏览器

    在命令行下输入: sudo add-apt-repository ppa:a-v-shkop/chromium sudo apt-get update sudo apt-get install chr ...

  3. docker chromium/chrome: error while loading shared libraries: libXcursor.so.2: cannot open shared object file: No such file or directory

    在运行 pyppeteer 的时候,因为依赖浏览器,出现上述情况. 解决办法: 一般我们在Linux下执行某些外部程序的时候可能会提示找不到共享库的错误.原因一般有两个, 一个是操作系统里确实没有包含 ...

  4. Chrome 红色和 Chromium蓝色 区别:logoChrome 红色和 Chromium蓝色;Chrome闭源和 Chromium开源;

    我们知道Chromium采用的BSD开源协议(Chromium首页.文档和下载),google chrome是闭源的("9.2 根据第 1.2 条规定,除非法律明确允许或要求,或经谷歌明确书 ...

  5. Chrome Is The New C Runtime

    出处:https://www.mobilespan.com/content/chrome-is-the-new-c-runtime Chrome Is The New C Runtime Date:  ...

  6. Web自动化之Headless Chrome开发工具库

    命令行运行Headless Chrome Chrome 安装(需要带梯子) 下载地址 几个版本的比较 Chromium 不是Chrome,但Chrome的内容基本来源于Chromium,这个是开源的版 ...

  7. chromium os系统编译与环境搭建

    官方网址:http://www.chromium.org/chromium-os chromium os是google自2009年开启的项目,是一款开源的电脑操作系统,用于开发chromium/chr ...

  8. Android chromium 1

    For Developers‎ > ‎Design Documents‎ > ‎ Java Resources on Android Overview Chrome for Android ...

  9. 从Chrome源码看audio/video流媒体实现二(转)

    第一篇主要介绍了Chrome加载音视频的缓冲控制机制和编解码基础,本篇将比较深入地介绍解码播放的过程.以Chromium 69版本做研究. 由于Chromium默认不能播放Mp4,所以需要需要改一下源 ...

随机推荐

  1. MySQL中查询、删除重复记录的方法大全

    查找所有重复标题的记录: select title,count(*) as count from user_table group by title having count>1; SELECT ...

  2. arcgis 添加经纬度坐标点

    ArcGIS 10.2导入X.Y坐标(经度.纬度),生成Shapefile点数据   参考博客很完整 基站-纬度-经度 1---- 2----X 经度  Y 纬度  Z高程(没有) 3---一开始只定 ...

  3. html+jquery实现简单图片裁剪

    有了上一篇图片放大镜的铺垫,今天的这个例子是缩小镜,因为裁剪的原图往往很大,不能在工作区域看到全部图片,所以,要有缩小镜来显示,当前裁剪的区域是原图的个部分.按照惯例首先看下效果图: 功能一:载入默认 ...

  4. C#参考教程 http://www.csref.cn

    推荐 C#参考教程 http://www.csref.cn

  5. 2PC(Two Phase Commitment Protocol)原理

    读TiDB原理部分,知道其分布式事务是参考的Google percolator.而percolator是一种2PC的优化. 分布式事务解决的是什么问题呢? 假设一个场景,一个电商网站,用户在购买商品时 ...

  6. 使用C语言开发PHP扩展(转)

    本篇文章给大家带来的内容是介绍如何使用C语言给PHP写扩展,,有一定的参考价值,有需要的朋友可以参考一下,希望对你有所帮助. 1.在php源码路径的ext文件夹下,新建一个extend_test.de ...

  7. Spark读HBase写MySQL

    1 Spark读HBase Spark读HBase黑名单数据,过滤出当日新增userid,并与mysql黑名单表内userid去重后,写入mysql. def main(args: Array[Str ...

  8. Debian系统 + XFCE桌面初识,基础环境搭建

    有幸分享个人的Linux下的习惯配置,具体操作可能阐述得比较粗糙. 在图形化界面进行配置操作,十分简便舒心. Linux发行版:Debian9.5(Stretch) 桌面Sesion:XFCE4 一. ...

  9. firefox浏览器,主动出现hao123的解决办法

    听说火狐浏览器前端开发很好用,今天下载了一个体验了一下觉得还是很不错的.但是有个问题!!!为什么我设置了启动时打开空白页没用,它每次都会给我打开 https://www.hao123.com/ hao ...

  10. selenium_Python3_邮箱登录:动态元素定位

    这里的关键是动态frame定位: 其他元素定位不用多说,常规操作. 不过需要注意加上这个: from selenium.webdriver.remote.webelement import WebEl ...