commit 9cad86bf7a995da115dd9fcc6f82420cd226a210
author Robert Sesek <rsesek@chromium.org> Fri Dec 02 16:27:12 2022
committer Chromium LUCI CQ <chromium-scoped@luci-project-accounts.iam.gserviceaccount.com> Fri Dec 02 16:27:12 2022
tree a88a57a53ab37da7bf6daf68340810fc21d43bc6
parent 54ac2ba7da6b49965ec7b3cce6201e3b29ea6f7d

mac: Remove explicit (allow sysctl-read) for kern.proc.pid.$pid

Use the (allow process-info) capability to permit this instead. This
lets the (param current-pid) be removed.

Bug: 1315988
Change-Id: I04e60b172182b047077ca612de964a342fbd94c7
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4072724
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Robert Sesek <rsesek@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1078611}

content/renderer/sandbox_mac_v2_unittest.mm

diff --git a/content/renderer/sandbox_mac_v2_unittest.mm b/content/renderer/sandbox_mac_v2_unittest.mm
index 977153f5..ff81fbc 100644
--- a/content/renderer/sandbox_mac_v2_unittest.mm
+++ b/content/renderer/sandbox_mac_v2_unittest.mm
@@ -70,8 +70,6 @@
                                     logging_path.value()));
 
   // Parameters normally set by the main executable.
-  CHECK(compiler->InsertStringParam(sandbox::policy::kParamCurrentPid,
-                                    std::to_string(getpid())));
   CHECK(compiler->InsertStringParam(sandbox::policy::kParamExecutablePath,
                                     executable_path.value()));
 
@@ -167,6 +165,8 @@
   CHECK_EQ(0,
            sysctlbyname("hw.ncpu", sysctl_data.data(), &data_size, nullptr, 0));
 
+  CHECK(!base::Process::Current().CreationTime().is_null());
+
   return 0;
 }