diff options
| author | adamk@chromium.org <adamk@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-08-15 15:47:51 +0000 |
|---|---|---|
| committer | adamk@chromium.org <adamk@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-08-15 15:49:11 +0000 |
| commit | 08dddedfd37e16625a16eb23d8823ad604cd872a (patch) | |
| tree | b446655bc3123b87e2eb24ee7d7208a300d25062 | |
| parent | 698a1ecac8ee70d797a3a4fd8ee7dd3c7c583f68 (diff) | |
| download | chromium_src-08dddedfd37e16625a16eb23d8823ad604cd872a.zip chromium_src-08dddedfd37e16625a16eb23d8823ad604cd872a.tar.gz chromium_src-08dddedfd37e16625a16eb23d8823ad604cd872a.tar.bz2 | |
Revert of Fix Mac sandbox meta data access (reland) (patchset #2 of https://codereview.chromium.org/469383002/)
Reason for revert:
Caused GPU crashes on Mac10.6 Blink layout tests running with component=shared_library.
Original issue's description:
> Fix Mac sandbox meta data access (reland)
>
> We currently allow all metadata access due to
> https://codereview.chromium.org/10539009/ made the for loop comparison
> in Sandbox::AllowMetadataForPath() always false, when we actually only
> want to allow access to the path and all its parent path until root.
>
> Turn the for loop to a do/while loop instead as it's a better fit, also
> add a test case for Sandbox::AllowMetadataForPath().
>
> We also need file read meta data access to all the .dylibs we linked to.
>
> It should only affect component builds on OS X 10.6 and utility process
> as no other process is using this mechanism.
>
> BUG=403801
>
> Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=289738
TBR=avi@chromium.org,jeremy@chromium.org,thakis@chromium.org,jiangj@opera.com
NOTREECHECKS=true
NOTRY=true
BUG=403801
Review URL: https://codereview.chromium.org/470693004
Cr-Commit-Position: refs/heads/master@{#289877}
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@289877 0039d316-1c4b-4281-b951-d872f2087c98
| -rw-r--r-- | content/common/sandbox_mac.h | 1 | ||||
| -rw-r--r-- | content/common/sandbox_mac.mm | 26 | ||||
| -rw-r--r-- | content/common/sandbox_mac_diraccess_unittest.mm | 13 |
3 files changed, 5 insertions, 35 deletions
diff --git a/content/common/sandbox_mac.h b/content/common/sandbox_mac.h index f978f02..557b4fb7 100644 --- a/content/common/sandbox_mac.h +++ b/content/common/sandbox_mac.h @@ -160,7 +160,6 @@ class CONTENT_EXPORT Sandbox { FRIEND_TEST_ALL_PREFIXES(MacDirAccessSandboxTest, StringEscape); FRIEND_TEST_ALL_PREFIXES(MacDirAccessSandboxTest, RegexEscape); FRIEND_TEST_ALL_PREFIXES(MacDirAccessSandboxTest, SandboxAccess); - FRIEND_TEST_ALL_PREFIXES(MacDirAccessSandboxTest, AllowMetadataForPath); DISALLOW_IMPLICIT_CONSTRUCTORS(Sandbox); }; diff --git a/content/common/sandbox_mac.mm b/content/common/sandbox_mac.mm index 8b4dfe3..c7c1265 100644 --- a/content/common/sandbox_mac.mm +++ b/content/common/sandbox_mac.mm @@ -114,14 +114,12 @@ NSString* Sandbox::AllowMetadataForPath(const base::FilePath& allowed_path) { // Collect a list of all parent directories. base::FilePath last_path = allowed_path; std::vector<base::FilePath> subpaths; - - base::FilePath path = allowed_path; - do { + for (base::FilePath path = allowed_path; + path.value() != last_path.value(); + path = path.DirName()) { subpaths.push_back(path); - last_path = path; - path = path.DirName(); - } while (path.value() != last_path.value()); + } // Iterate through all parents and allow stat() on them explicitly. NSString* sandbox_command = @"(allow file-read-metadata "; @@ -572,22 +570,6 @@ bool Sandbox::EnableSandbox(int sandbox_type, [base::mac::MainBundle() executablePath]); NSString* sandbox_command = AllowMetadataForPath( GetCanonicalSandboxPath(bundle_executable)); - - // In addition to the workaround above, for OS X <= 10.6 we also need to - // allow reading file metadata for all the dylibs under the same directory - // containing the Chrome bundle. It requires to go 5 levels up from main - // bundle path because the main bundle here is the Helper.app bundle. - base::FilePath product_path = base::mac::MainBundlePath() - .DirName() - .DirName() - .DirName() - .DirName() - .DirName(); - sandbox_command = [sandbox_command - stringByAppendingFormat: - @"(allow file-read-metadata (regex #\"^%@/.*\\.dylib$\"))", - base::mac::FilePathToNSString(product_path)]; - substitutions["COMPONENT_BUILD_WORKAROUND"] = SandboxSubstring(base::SysNSStringToUTF8(sandbox_command)); } diff --git a/content/common/sandbox_mac_diraccess_unittest.mm b/content/common/sandbox_mac_diraccess_unittest.mm index 7fb7d45..06a5442 100644 --- a/content/common/sandbox_mac_diraccess_unittest.mm +++ b/content/common/sandbox_mac_diraccess_unittest.mm @@ -127,6 +127,7 @@ TEST_F(MacDirAccessSandboxTest, RegexEscape) { std::string out; EXPECT_TRUE(Sandbox::QuoteStringForRegex(in_utf8, &out)); EXPECT_EQ(expected, out); + } } @@ -177,18 +178,6 @@ TEST_F(MacDirAccessSandboxTest, SandboxAccess) { } } -TEST_F(MacDirAccessSandboxTest, AllowMetadataForPath) { - { - std::string expected( - "(allow file-read-metadata (literal \"/\")(literal \"/System\")" - "(literal \"/System/Library\")" - "(literal \"/System/Library/Frameworks\"))"); - NSString* sandbox_command = Sandbox::AllowMetadataForPath( - base::FilePath("/System/Library/Frameworks")); - EXPECT_EQ(base::SysNSStringToUTF8(sandbox_command), expected); - } -} - MULTIPROCESS_TEST_MAIN(mac_sandbox_path_access) { char *sandbox_allowed_dir = getenv(kSandboxAccessPathKey); if (!sandbox_allowed_dir) |