author | jeremy@chromium.org <jeremy@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-11-05 12:50:34 +0000 |
---|---|---|
committer | jeremy@chromium.org <jeremy@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-11-05 12:50:34 +0000 |
commit | 824083c52c5689198290e24938793ce4ccc6e683 (patch) | |
tree | a9a8145fff77340dc6c88ee787fa9653c421e35a /chrome/common/sandbox_mac.mm | |
parent | 498fd8ed8d91dd428dab8b7d40029a62aa42734e (diff) | |
Sandbox Worker process on the Mac.
* Add plumbing to allow multiple Sandbox profiles on OS X.
* Separate sandbox_init_wrapper into platform specific files.
* Sandbox Worker process & add plumbing to Sandbox utility process when we bring that up.
* Remove mention of stale bugs in utility process on Mac.
BUG=23582
TEST=Worker process should work.
Review URL: http://codereview.chromium.org/341033
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@31089 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/common/sandbox_mac.mm')
-rw-r--r-- | chrome/common/sandbox_mac.mm | 46 |
1 files changed, 42 insertions, 4 deletions
diff --git a/chrome/common/sandbox_mac.mm b/chrome/common/sandbox_mac.mm
index ae55b52..6eac34c 100644
--- a/chrome/common/sandbox_mac.mm
+++ b/chrome/common/sandbox_mac.mm
@@ -84,11 +84,42 @@ void SandboxWarmup() {
 }
 
 // Turns on the OS X sandbox for this process.
-bool EnableSandbox() {
-  // For the renderer, we give it a custom sandbox to lock things down as
-  // tightly as possible, while still enabling drawing.
+bool EnableSandbox(SandboxProcessType sandbox_type,
+                   const FilePath& allowed_dir) {
+  // Sanity - currently only SANDBOX_TYPE_UTILITY supports a directory being
+  // passed in.
+  if (sandbox_type != SANDBOX_TYPE_UTILITY) {
+    DCHECK(allowed_dir.empty())
+        << "Only SANDBOX_TYPE_UTILITY allows a custom directory parameter.";
+  } else {
+    DCHECK(!allowed_dir.empty())
+        << "SANDBOX_TYPE_UTILITY "
+        << "needs a custom directory parameter, but an empty one was provided.";
+  }
+
+  // We use a custom sandbox definition file to lock things down as
+  // tightly as possible.
+  // TODO(jeremy): Look at using include syntax to unify common parts of sandbox
+  // definition files.
+  NSString* sandbox_config_filename = nil;
+  switch (sandbox_type) {
+    case SANDBOX_TYPE_RENDERER:
+      sandbox_config_filename = @"renderer";
+      break;
+    case SANDBOX_TYPE_WORKER:
+      sandbox_config_filename = @"worker";
+      break;
+    case SANDBOX_TYPE_UTILITY:
+      sandbox_config_filename = @"utility";
+      break;
+    default:
+      NOTREACHED();
+      return false;
+  }
+
   NSString* sandbox_profile_path =
-      [mac_util::MainAppBundle() pathForResource:@"renderer" ofType:@"sb"];
+      [mac_util::MainAppBundle() pathForResource:sandbox_config_filename
+                                          ofType:@"sb"];
   NSString* sandbox_data = [NSString
       stringWithContentsOfFile:sandbox_profile_path
       encoding:NSUTF8StringEncoding
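Review bot: The type/directory consistency check at the top of the new EnableSandbox is DCHECK-only, so in a release build a non-utility sandbox_type paired with a non-empty allowed_dir (or a utility type with an empty one) passes straight through and the profile is still loaded and, later, patched with whatever directory was supplied. The function already has a hard failure path in the switch's default arm, and a mismatch here is the same kind of caller error, so it could use it too: `if ((sandbox_type == SANDBOX_TYPE_UTILITY) == allowed_dir.empty()) { NOTREACHED(); return false; }`. The comment above the switch could also state that each name is looked up as a `.sb` resource in the main bundle, since that is the only thing tying the enum to a profile. EnableSandbox continues past the end of this hunk, so whether the nil result of a failed stringWithContentsOfFile: is checked is not visible here.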
@@ -108,6 +139,13 @@ bool EnableSandbox() {
                                         withString:@""];
   }
 
+  if (!allowed_dir.empty()) {
+    NSString* allowed_dir_ns = base::SysUTF8ToNSString(allowed_dir.value());
+    sandbox_data = [sandbox_data
+        stringByReplacingOccurrencesOfString:@"DIR_TO_ALLOW_ACCESS"
+                                  withString:allowed_dir_ns];
+  }
+
   int32 major_version, minor_version, bugfix_version;
   base::SysInfo::OperatingSystemVersionNumbers(&major_version,
                                                &minor_version, &bugfix_version);
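Review bot: `allowed_dir.value()` is spliced into the profile text verbatim by the DIR_TO_ALLOW_ACCESS replacement, and a `.sb` profile is Scheme source, so a path containing a double quote or backslash would terminate or alter the surrounding string literal (and, if the placeholder sits inside a regex rule in utility.sb, would be read as regex syntax) instead of being matched literally — a malformed or widened rule rather than the intended directory grant. The value should be rejected or escaped before substitution, e.g. `if (allowed_dir.value().find_first_of("\"\\") != std::string::npos) return false;` ahead of the replacement, with a comment noting the profile is interpreted as Scheme. Separately, if the sandbox compares against resolved paths (on OS X /tmp is a symlink to /private/tmp), a directory handed in through a symlink may never match the rule as written; canonicalizing with realpath() before substituting would avoid that, though whether callers already do so is not visible here. Note that this substitution is not gated on sandbox_type, so it relies on the renderer and worker profiles simply not containing the placeholder. EnableSandbox continues beyond this hunk.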