| Alex Gough | dbb74e4 | 2024-07-31 23:31:46 | [diff] [blame] | 1 | # Unsandboxed Processes by Platform |
| 2 | |
| 3 | This document summarises the sandboxes used for different processes or services |
| 4 | in Chrome. This informs the [severity of security |
| 5 | issues](../../docs/security/severity-guidelines.md) in different processes. |
| 6 | Security issues are triaged based on the least-sandboxed platform where an issue |
| 7 | occurs. Some processes may be sandboxed but contain important credentials or |
| 8 | cross-origin data, for this table they count as being sandboxed. |
| 9 | |
| 10 | This table will be updated to track the default configuration of the Stable |
| 11 | Chrome channel (i.e. 100% of clients adopt the tighter configuration). |
| 12 | |
| 13 | The utility process type hosts several services with different sandboxing |
| 14 | requirements. Find the sandbox used by a utility by finding the |
| 15 | [`ServiceSandbox` attribute](../../sandbox/policy/mojom/sandbox.mojom) used in |
| 16 | its main mojo service. |
| 17 | |
| 18 | Last updated for M128. |
| 19 | |
| 20 | # Not sandboxed on some platforms |
| 21 | |
| 22 | | Process / Service | Platform(s) | Sandbox | |
| 23 | |---|---|---| |
| 24 | | Browser | all | **unsandboxed** | |
| 25 | | Network | Android, Windows, Linux | **unsandboxed** | |
| 26 | | GPU | Android, non-ChromeOS Linux | **unsandboxed** | |
| 27 | | On Device Model Execution | Android, non-ChromeOS Linux | **unsandboxed** | |
| 28 | | Video Capture | non-Fuchsia | **unsandboxed** | |
| 29 | | kNoSandbox | all | **unsandboxed** | |
| 30 | | kNoSandboxAndElevatedPrivileges | Windows | **Elevated** | |
| 31 | |
| 32 | # Sandboxed on specific platforms |
| 33 | |
| 34 | * kNetwork (Fuchsia, Mac) |
| 35 | * kGpu (Fuchsia, Mac, Windows, ChromeOS) |
| 36 | * kVideoCapture (Fuchsia) |
| 37 | |
| 38 | # Sandboxed |
| 39 | |
| 40 | * kRenderer (renderer, extensions, PDF renderers) |
| 41 | * kUtility |
| 42 | * kService |
| 43 | * kServiceWithJit |
| 44 | * kAudio |
| 45 | * kOnDeviceModelExecution |
| 46 | * kCdm |
| 47 | * kPrintCompositor |
| 48 | * kSpeechRecognition |
| 49 | * kScreenAI |
| 50 | * kPpapi |
| 51 | * kPrintBackend |
| 52 | * kVideoCapture (Fuchsia only) |
| 53 | * kIconReader (Windows only) |
| 54 | * kMediaFoundationCdm (Windows only) |
| 55 | * kPdfConversion (Windows only) |
| 56 | * kXrCompositing (Windows only) |
| 57 | * kWindowsSystemProxyResolver (Windows only) |
| 58 | * kHardwareVideoDecoding (Linux & Ash) |
| 59 | * kHardwareVideoEncoding (Linux & Ash) |
| 60 | * kIme (Ash only) |
| 61 | * kTts (Ash only) |
| 62 | * kLibassistant (Ash only) |
| 63 | * kNearby (Ash only) |
| 64 | * kMirroring (MacOS only) |
