Open Bug 1334661 Opened 9 years ago Updated 5 years ago

Remove constructors (static initializers) from Linux sandboxing code

Categories

(Core :: Security: Process Sandboxing, defect, P5)

Unspecified
Linux
defect

Tracking

Tracking Status
firefox54 --- affected

People

(Reporter: jld, Unassigned)

Details

(Whiteboard: sb+)

Right now there are two constructor functions that I know of in the Linux sandboxing code, and they don't really need to be there:

* in glue/SandboxCrash.cpp, to poke the address of SandboxCrash (in libxul) into a variable in libmozsandbox. This could be done later, immediately before sandboxing is started (e.g., at the top of SetCurrentProcessSandbox).

* The SandboxInfo singleton, which could be changed to be lazily constructed the first time it's requested. There *was* a rationale for doing it that way, but it no longer applies now that the sandboxing code has been moved out of plugin-container. However, the calls to getenv should be changed to PR_GetEnv (adding a dependency from libmozsandbox to NSPR); currently the first SandboxInfo::Get will occur in SandboxEarlyInit when single-threaded (give or take bug 1222500), but we shouldn't depend on that.
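The two changes described in the report, sketched as an added example that is not Mozilla's code and not part of the original bug: every `Demo*` name and the `DEMO_DISABLE_SANDBOX` variable are hypothetical, and `std::getenv` stands in for the `PR_GetEnv` call the report proposes.

```cpp
// Added illustration: every Demo* name is a hypothetical stand-in, not Mozilla code.
#include <cstdio>
#include <cstdlib>

// Pattern 1: the crash hook is passed in explicitly instead of being
// poked into the sandbox library by a load-time constructor function.
using DemoCrashFunc = void (*)(int aSyscallNr);
static DemoCrashFunc gDemoCrashHook = nullptr;  // would live in the sandbox library
static int gDemoLastCrash = -1;

void DemoCrashHandler(int aSyscallNr) { gDemoLastCrash = aSyscallNr; }  // main library side

bool DemoStartSandbox(DemoCrashFunc aHook) {
  if (!aHook) return false;  // refuse to start sandboxing without a crash reporter
  gDemoCrashHook = aHook;    // wired immediately before sandboxing starts
  // ... the sandbox policy would be installed here ...
  return true;
}

void DemoReportViolation(int aSyscallNr) {
  if (gDemoCrashHook) gDemoCrashHook(aSyscallNr);
}

// Pattern 2: singleton built on first request, not at library load.
class DemoSandboxInfo {
 public:
  static const DemoSandboxInfo& Get() {
    static const DemoSandboxInfo sInfo;  // C++11 guarantees one thread-safe construction
    return sInfo;
  }
  bool Disabled() const { return mDisabled; }
  static int ConstructCount() { return sConstructs; }

 private:
  // std::getenv stands in for the PR_GetEnv call the bug proposes.
  DemoSandboxInfo() : mDisabled(std::getenv("DEMO_DISABLE_SANDBOX") != nullptr) {
    ++sConstructs;
  }
  bool mDisabled;
  static int sConstructs;
};
int DemoSandboxInfo::sConstructs = 0;

int main() {
  std::printf("constructed before first Get(): %d\n", DemoSandboxInfo::ConstructCount());
  std::printf("disabled: %d\n", DemoSandboxInfo::Get().Disabled());
  if (DemoStartSandbox(DemoCrashHandler)) DemoReportViolation(59);
  std::printf("last reported syscall: %d\n", gDemoLastCrash);
  return 0;
}
```

The environment is read once, on the first `Get()`, and the result is cached; later changes to the variable do not alter the singleton.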
Severity: normal → S4
Priority: -- → P5