The render process is a sandbox proccess, isn't it?

Having problems with building or using the CefGlue .NET/Mono binding? Ask your questions here.

Moderator: fddima

The render process is a sandbox proccess, isn't it?

Postby szanto90balazs » Mon Dec 01, 2014 12:26 pm

Hi people,

According to this: http://www.chromium.org/developers/desi ... d-plug-ins

The renderer process is a restricted/sandboxed process:

"In each of the multi-process architectures, Chromium's renderer processes are executed within a sandboxed process that has limited access to the user's computer. These processes do not have direct access to the user's filesystem, display, or most other resources. Instead, they gain access to permitted resources only through the browser process, which can impose security policies on this access. As a result, Chromium's browser process can mitigate the damage that an exploited rendering engine can do."

I'm using Xilium.CefGlue/Cef3.
Knowing this, how come that I can still load a image or file from a RenderProcessHandler, which supposedly run in the render process? I really like the freedom I have in the render process, but I'd really like to know why is it so, when the Chromium documentation states a different point of view.

Thanks
Balazs
szanto90balazs
Newbie
 
Posts: 4
Joined: Tue Jul 08, 2014 11:44 am

Re: The render process is a sandbox proccess, isn't it?

Postby JornH » Sun Dec 14, 2014 10:29 am

That might depend on how you initialize CEF. The sandbox is optional, see https://bitbucket.org/xilium/xilium.cef ... ult#cl-211

Best regards,
JornH
JornH
Newbie
 
Posts: 6
Joined: Sun Mar 30, 2014 10:59 am

Re: The render process is a sandbox proccess, isn't it?

Postby lneir » Fri Dec 19, 2014 6:01 pm

I'm looking at current CEF Glue code for ExecuteProcess and see signature: public static int ExecuteProcess(CefMainArgs args, CefApp application, IntPtr windowsSandboxInfo)

But I don't see how to create sandboxInfo. I don't see any methods exposed to support creating, I expected to see: CefScopedSandboxInfo

Does this mean there is currently no sandbox support in XiliumGlue/CefGlue?

Lynn
lneir
Newbie
 
Posts: 7
Joined: Fri Dec 19, 2014 5:55 pm


Return to CefGlue Forum

Who is online

Users browsing this forum: No registered users and 18 guests