Take a vector in Policy::AllowUnsafeKeepCapabilities()

The existing function signature took a `unique_ptr<>` owning a vector, and
took `nullptr` to mean an empty set of capabilities. This is more naturally
modeled by taking the vector directly and `std::move`-ing it.

PiperOrigin-RevId: 384214849
Change-Id: I177f04a06803ae00429b19a1f3f12e7be04d2908
This commit is contained in:
Christian Blichmann 2021-07-12 05:42:57 -07:00 committed by Copybara-Service
parent 002cb9ae01
commit 5267d14248
3 changed files with 4 additions and 11 deletions


@ -164,16 +164,11 @@ bool Policy::SendPolicy(Comms* comms) const {
return true;
}
void Policy::AllowUnsafeKeepCapabilities(
std::unique_ptr<std::vector<int>> caps) {
void Policy::AllowUnsafeKeepCapabilities(std::vector<int> caps) {
if (namespace_) {
namespace_->DisableUserNamespace();
}
if (!caps) {
capabilities_.clear();
} else {
capabilities_ = {caps->begin(), caps->end()};
}
capabilities_ = std::move(caps);
}
void Policy::GetPolicyDescription(PolicyDescription* policy) const {
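Review bot: The new body still disables the user namespace unconditionally before the assignment, so an empty `caps` is not a no-op; it is the replacement for the old `nullptr` path, which cleared the list but likewise left the namespace disabled. With the unique_ptr gone, nothing at the call site or in the signature hints at that side effect, and the header comment in policy.h (second hunk) describes neither `caps` nor the empty case. I would add a why-comment above the `if (namespace_)` check, `// Disabling the user namespace is unconditional; an empty caps keeps no capabilities but still skips the user namespace.`, and extend the policy.h comment to say that `caps` holds the capability numbers to retain in the global namespace and that an empty vector retains none. Whether a null `namespace_` should be silently tolerated here I cannot tell from the hunk.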


@ -52,7 +52,7 @@ class Policy final {
// Skips creation of a user namespace and keep capabilities in the global
// namespace. This only makes sense in some rare cases where the sandbox is
// started as root, please talk to sandbox-team@ before using this function.
void AllowUnsafeKeepCapabilities(std::unique_ptr<std::vector<int>> caps);
void AllowUnsafeKeepCapabilities(std::vector<int> caps);
// Stores information about the policy (and the policy builder if existing)
// in the protobuf structure.


@ -158,9 +158,7 @@ absl::StatusOr<std::unique_ptr<Policy>> StackTracePeer::GetPolicy(
}
SAPI_ASSIGN_OR_RETURN(std::unique_ptr<Policy> policy, builder.TryBuild());
auto keep_capabilities = absl::make_unique<std::vector<int>>();
keep_capabilities->push_back(CAP_SYS_PTRACE);
policy->AllowUnsafeKeepCapabilities(std::move(keep_capabilities));
policy->AllowUnsafeKeepCapabilities({CAP_SYS_PTRACE});
// Use no special namespace flags when cloning. We will join an existing
// user namespace and will unshare() afterwards (See forkserver.cc).
policy->GetNamespace()->clone_flags_ = 0;
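Review bot: The brace-initialised call `policy->AllowUnsafeKeepCapabilities({CAP_SYS_PTRACE});` is tidier than the old three-line setup, but the call site now carries no comment explaining why this one capability is retained, and the comment that follows only covers `clone_flags_`. Since the policy.cc hunk shows that this call also disables the user namespace, a reader of GetPolicy should not have to open policy.cc to learn that; I would add above the call `// Keeps CAP_SYS_PTRACE in the global namespace (presumably for the tracer) and, as a side effect, disables the user namespace.`, adjusting the parenthetical once the reason is confirmed. GetPolicy's body continues outside the hunk.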