Third party blocking needs a developer opt-out |
|
Issue descriptionTo allow A11Y developers to work there needs to be a third-party code blocking opt-out mechanism. Proposal: A feature flag, that when in use causes a warning to appear (much like --no-sandbox). We could even consider making this flag a protected setting, to prevent easy tampering.
,
Nov 10 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/63be0473919f1b16fb931c1f4d0a33dfaba1d397 commit 63be0473919f1b16fb931c1f4d0a33dfaba1d397 Author: Chris Hamilton <chrisha@chromium.org> Date: Fri Nov 10 01:20:59 2017 Create a flag for allowing third party module injection. This creates the "allow-third-party-modules" flag, and plumbs it into the sandbox to disable the BINARY_SIGNATURE process mitigation when specified. It also adds this flag to the list of bad flags. In the future this CL will also be integrated with the third party blocking logic in chrome_elf. BUG=757454 Change-Id: I38199c295d4957795ff9c1302889115af5a8222a Reviewed-on: https://chromium-review.googlesource.com/751298 Reviewed-by: Penny MacNeil <pennymac@chromium.org> Reviewed-by: Scott Violet <sky@chromium.org> Commit-Queue: Chris Hamilton <chrisha@chromium.org> Cr-Commit-Position: refs/heads/master@{#515400} [modify] https://crrev.com/63be0473919f1b16fb931c1f4d0a33dfaba1d397/chrome/browser/ui/startup/bad_flags_prompt.cc [modify] https://crrev.com/63be0473919f1b16fb931c1f4d0a33dfaba1d397/services/service_manager/sandbox/switches.cc [modify] https://crrev.com/63be0473919f1b16fb931c1f4d0a33dfaba1d397/services/service_manager/sandbox/switches.h [modify] https://crrev.com/63be0473919f1b16fb931c1f4d0a33dfaba1d397/services/service_manager/sandbox/win/sandbox_win.cc |
|
►
Sign in to add a comment |
|
Comment 1 by chrisha@chromium.org
, Nov 2 2017