Chromium(Chrome) Sandbox Details
What Sandbox Do?
Sandbox leverages the OS-provided security to allow code execution that cannot make persistent changes to the computer or access information that is confidential.
What the Sandbox's structure is?
Sandbox operates at process-level granularity. Anything that needs to be sandboxed needs to live on a separate process.
The minimal sandbox configuration has two processes: one that is a privileged controller known as the broker, and one or more sandboxed processes known as the target.

Broker
Browser process(Chromium):
- Specify the policy for each target process
- Spawn the target processes
- Host the sandbox policy engine service
- Host the sandbox interception manager
- Host the sandbox IPC service (to the target processes)
- Perform the policy-allowed actions on behalf of the target process
Target
Renderers process, hosts all the code that is going to run inside the sandbox:
- All code to be sandboxed
- The sandbox IPC client
- The sandbox policy engine client
- The sandbox interceptions
Target process restrictions:
- Forbid per-use system-wide changes using
SystemParametersInfo(), which can be used to swap the mouse buttons or set the screen saver timeout - Forbid the creation or switch of Desktops
- Forbid changes to the per-user display configuration such as resolution and primary display
- No read or write to the clipboard
- Forbid Windows message broadcasts
- Forbid setting global Windows hooks (using
SetWindowsHookEx()) - Forbid access to the global atoms table
- Forbid access to USER handles created outside the Job object
- One active process limit (disallows creating child processes)
- Forbid per-use system-wide changes using
Allowed resource access:
- Read access to most files
- Write access to
%USER PROFILE%\AppData\LocalLow - Read access to most of the registry
- Write access to
HKEY_CURRENT_USER\Software\AppDataLow - Clipboard (copy and paste for certain formats)
- Remote procedure call (RPC)
- TCP/IP Sockets
- Window messages exposed via
ChangeWindowMessageFilter - Shared memory exposed via LI (low integrity) labels
- COM interfaces with LI (low integrity) launch activation rights
- Named pipes exposed via LI (low integrity) labels
refers:
https://chromium.googlesource.com/chromium/src/+/master/docs/design/sandbox.md
Chromium(Chrome) Sandbox Details的更多相关文章
- Chromium(Chrome) frame structure detail
1. Chromium VS Chrome Chromium is an open-source Web browser project started by Google, to provide t ...
- Ubuntu 16.04下安装64位谷歌Chromium(Chrome)浏览器
在命令行下输入: sudo add-apt-repository ppa:a-v-shkop/chromium sudo apt-get update sudo apt-get install chr ...
- docker chromium/chrome: error while loading shared libraries: libXcursor.so.2: cannot open shared object file: No such file or directory
在运行 pyppeteer 的时候,因为依赖浏览器,出现上述情况. 解决办法: 一般我们在Linux下执行某些外部程序的时候可能会提示找不到共享库的错误.原因一般有两个, 一个是操作系统里确实没有包含 ...
- Chrome 红色和 Chromium蓝色 区别:logoChrome 红色和 Chromium蓝色;Chrome闭源和 Chromium开源;
我们知道Chromium采用的BSD开源协议(Chromium首页.文档和下载),google chrome是闭源的("9.2 根据第 1.2 条规定,除非法律明确允许或要求,或经谷歌明确书 ...
- Chrome Is The New C Runtime
出处:https://www.mobilespan.com/content/chrome-is-the-new-c-runtime Chrome Is The New C Runtime Date: ...
- Web自动化之Headless Chrome开发工具库
命令行运行Headless Chrome Chrome 安装(需要带梯子) 下载地址 几个版本的比较 Chromium 不是Chrome,但Chrome的内容基本来源于Chromium,这个是开源的版 ...
- chromium os系统编译与环境搭建
官方网址:http://www.chromium.org/chromium-os chromium os是google自2009年开启的项目,是一款开源的电脑操作系统,用于开发chromium/chr ...
- Android chromium 1
For Developers > Design Documents > Java Resources on Android Overview Chrome for Android ...
- 从Chrome源码看audio/video流媒体实现二(转)
第一篇主要介绍了Chrome加载音视频的缓冲控制机制和编解码基础,本篇将比较深入地介绍解码播放的过程.以Chromium 69版本做研究. 由于Chromium默认不能播放Mp4,所以需要需要改一下源 ...
随机推荐
- python初学之缓存清理:完全相同的代码与环境但是其中一个文件可以执行成功,一个执行不成功
在使用python写接口测试脚本时,想要引入logging模块来在控制台输出当前执行进度日志,但是遇到了奇葩问题,困扰了一整个下午: 代码如下: __author__ = 'test'#!/usr/b ...
- 高分一号计算NDVI
1.准备工作 如果想要ENVI友好一点,请下载ENVI5.3,并且安装China satellites 补丁(参考博客:ENVI扩展工具:中国国产卫星支持工具) App Store for ENVI下 ...
- UI规范案例-宝龙广场
- Android方法引用超过65535的解决方式
//在app/build.gradle android { compileSdkVersion buildToolsVersion "24.0.1" defaultConfig { ...
- s21day15 python笔记
s21day15 python笔记 一.内容回顾及补充 回顾 补充 range / xrange(python2与python3的区别六) python2: xrange:不会在内存中立即创建,而是在 ...
- CSS-图片占位的技巧
图片占位技巧,防止动态获取图片 网络慢,页面一跳一跳的情况发生 .food .image-header { position: relative; width: 1 ...
- Wpf TemplateBinding
TemplateBinding. ControlTemplate最终会被用到一个控件上,我们称这个控件为模板目标控件或者模板化控件,ControlTemplate里面的控件可以使用TemplateBi ...
- 2018-2019-2 20165313 《网络对抗技术》 Exp6 信息搜集与漏洞扫描
一.实践目标 掌握信息搜集的最基础技能与常用工具的使用方法. 二.实践内容. (1)各种搜索技巧的应用 (2)DNS IP注册信息的查询 (3)基本的扫描技术:主机发现.端口扫描.OS及服务版本探测. ...
- ubuntu18.04 配置chrome ss
为了FQ 不FQ不行啊 安装shaowsocks 1. 用实验室的服务器 sslocal -c xxx.json 2. 下载SwitchyOmega插件 链接: https://pan.baidu.c ...
- jmeter简单的接口性能测试
原文转自:https://blog.csdn.net/lovesoo/article/details/78579547 Apache JMeter是一款纯java编写负载功能测试和性能测试开源工具软件 ...