-rw-r--r-- | chrome/app/chrome_main.cc | 3 | ||||
-rw-r--r-- | content/browser/ppapi_plugin_process_host.cc | 1 | ||||
-rw-r--r-- | content/common/sandbox_init_wrapper_mac.cc | 2 | ||||
-rw-r--r-- | content/common/sandbox_mac.h | 3 | ||||
-rw-r--r-- | content/common/sandbox_mac.mm | 3 | ||||
-rw-r--r-- | content/content_ppapi_plugin.gypi | 9 | ||||
-rw-r--r-- | content/ppapi_plugin/ppapi.sb | 20 | ||||
-rw-r--r-- | content/ppapi_plugin/ppapi_thread.cc | 14 |
8 files changed, 54 insertions, 1 deletions
diff --git a/chrome/app/chrome_main.cc b/chrome/app/chrome_main.cc
index 3f0652c..aa60443 100644
--- a/chrome/app/chrome_main.cc
+++ b/chrome/app/chrome_main.cc
@@ -806,7 +806,8 @@ int ChromeMain(int argc, char** argv) {
 if (process_type == switches::kRendererProcess ||
 process_type == switches::kExtensionProcess ||
 process_type == switches::kNaClLoaderProcess ||
- process_type == switches::kGpuProcess) {
+ process_type == switches::kGpuProcess ||
+ process_type == switches::kPpapiPluginProcess) {
 initialize_sandbox = false;
 }
 #endif
diff --git a/content/browser/ppapi_plugin_process_host.cc b/content/browser/ppapi_plugin_process_host.cc
index 738cefe..b0a6a1c 100644
--- a/content/browser/ppapi_plugin_process_host.cc
+++ b/content/browser/ppapi_plugin_process_host.cc
@@ -49,6 +49,7 @@ bool PpapiPluginProcessHost::Init(const PepperPluginInfo& info) {
 // TODO(vtl): Stop passing flash args in the command line, on windows is
 // going to explode.
 static const char* kForwardSwitches[] = {
+ switches::kNoSandbox,
 switches::kPpapiFlashArgs,
 switches::kPpapiStartupDialog
 };
diff --git a/content/common/sandbox_init_wrapper_mac.cc b/content/common/sandbox_init_wrapper_mac.cc
index 997ba43..125513d 100644
--- a/content/common/sandbox_init_wrapper_mac.cc
+++ b/content/common/sandbox_init_wrapper_mac.cc
@@ -60,6 +60,8 @@ bool SandboxInitWrapper::InitializeSandbox(const CommandLine& command_line,
 (process_type == switches::kProfileImportProcess) ||
 (process_type == switches::kServiceProcess)) {
 return true;
+ } else if (process_type == switches::kPpapiPluginProcess) {
+ sandbox_process_type = Sandbox::SANDBOX_TYPE_PPAPI;
 } else {
 // Failsafe: If you hit an unreached here, is your new process type in need
 // of sandboxing?
diff --git a/content/common/sandbox_mac.h b/content/common/sandbox_mac.h
index 50c989b..9de4096 100644
--- a/content/common/sandbox_mac.h
+++ b/content/common/sandbox_mac.h
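Review bot: Nothing at the `initialize_sandbox = false` site in chrome/app/chrome_main.cc says where a PPAPI plugin process gets its sandbox once it is exempted from startup initialization here. Judging from the ppapi_thread.cc hunk of this commit, the call moves into `PpapiThread::OnMsgLoadPlugin()`, so the protection now depends on that handler running and succeeding. A comment above the added condition, such as `// PPAPI plugin processes enable their sandbox in PpapiThread::OnMsgLoadPlugin(), after the plugin library is loaded.`, would keep the two sites linked for the next person who touches either. The enclosing `#if` opens outside the hunk, so which platforms this exemption applies to is not visible here.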
@@ -78,6 +78,9 @@ class Sandbox {
 // GPU process.
 SANDBOX_TYPE_GPU,
+ // The PPAPI plugin process.
+ SANDBOX_TYPE_PPAPI,
+
 SANDBOX_AFTER_TYPE_LAST_TYPE, // Placeholder to ease iteration.
 };
diff --git a/content/common/sandbox_mac.mm b/content/common/sandbox_mac.mm
index 5191eff..c0aad48 100644
--- a/content/common/sandbox_mac.mm
+++ b/content/common/sandbox_mac.mm
@@ -346,6 +346,9 @@ NSString* LoadSandboxTemplate(Sandbox::SandboxProcessType sandbox_type) {
 case Sandbox::SANDBOX_TYPE_GPU:
 sandbox_config_filename = @"gpu";
 break;
+ case Sandbox::SANDBOX_TYPE_PPAPI:
+ sandbox_config_filename = @"ppapi";
+ break;
 default:
 NOTREACHED();
 return nil;
diff --git a/content/content_ppapi_plugin.gypi b/content/content_ppapi_plugin.gypi
index 64eb124..7040700 100644
--- a/content/content_ppapi_plugin.gypi
+++ b/content/content_ppapi_plugin.gypi
@@ -28,6 +28,15 @@
 'include_dirs': [
 '..',
 ],
+ 'conditions': [
+ ['OS=="mac"', {
+ 'link_settings': {
+ 'mac_bundle_resources': [
+ 'ppapi_plugin/ppapi.sb',
+ ],
+ },
+ }],
+ ],
 },
 ],
 }
diff --git a/content/ppapi_plugin/ppapi.sb b/content/ppapi_plugin/ppapi.sb
new file mode 100644
index 0000000..6fa3ebf
--- /dev/null
+++ b/content/ppapi_plugin/ppapi.sb
@@ -0,0 +1,20 @@
+;;
+;; Copyright (c) 2011 The Chromium Authors. All rights reserved.
+;; Use of this source code is governed by a BSD-style license that can be
+;; found in the LICENSE file.
+;;
+
+; TODO(viettrungluu): Confirm that the exceptions below are needed.
+
+; *** The contents of content/common/common.sb are implicitly included here. ***
+
+; Needed for Fonts.
+(allow file-read* (regex #"^/System/Library/Fonts($|/)")) ; 10.5.6
+; 10.6 for loading fonts in the renderer.
+; on 10.5 this is needed for the PDF plugin.
+(allow file-read* (regex #"^/Library/Fonts($|/)"))
+(allow mach-lookup (global-name "com.apple.FontObjectsServer")) ; 10.5.6
+;10.6_OR_ABOVE (allow mach-lookup (global-name "com.apple.FontServer")) ; 10.6
+
+; http://crbug.com/11269
+;10.6_OR_ABOVE (allow file-read* (subpath "@USER_HOMEDIR_AS_LITERAL@/Library/Fonts")) ; 10.6
diff --git a/content/ppapi_plugin/ppapi_thread.cc b/content/ppapi_plugin/ppapi_thread.cc
index 4ad7cd2..9b3c846 100644
--- a/content/ppapi_plugin/ppapi_thread.cc
+++ b/content/ppapi_plugin/ppapi_thread.cc
@@ -6,10 +6,13 @@
 #include <limits>
+#include "base/command_line.h"
 #include "base/process_util.h"
 #include "base/rand_util.h"
 #include "base/stringprintf.h"
 #include "content/common/child_process.h"
+#include "content/common/content_switches.h"
+#include "content/common/sandbox_init_wrapper.h"
 #include "content/ppapi_plugin/broker_process_dispatcher.h"
 #include "content/ppapi_plugin/plugin_process_dispatcher.h"
 #include "content/ppapi_plugin/ppapi_webkit_thread.h"
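Review bot: The allow rules in the new content/ppapi_plugin/ppapi.sb are unconfirmed by the file's own TODO, and their comments describe other processes (`fonts in the renderer`, `the PDF plugin`), so a reader cannot tell which exceptions a PPAPI plugin actually needs. For a least-privilege profile, each `allow` line should carry a PPAPI-specific justification or be removed until one is found. The comments look copied from another profile; I would reword them along the lines of `; Read-only access to system fonts; needed by the PPAPI plugin for <REASON> - unconfirmed`. The TODO should also point at a tracking bug (`crbug.com/<BUG_ID>`) so the confirmation is not forgotten once the profile ships.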
@@ -145,6 +148,17 @@ void PpapiThread::OnMsgLoadPlugin(const FilePath& path) {
 return;
 }
+#if defined(OS_MACOSX)
+ // We need to do this after getting |PPP_GetInterface()| (or presumably
+ // doing something nontrivial with the library), else the sandbox
+ // intercedes.
+ CommandLine* parsed_command_line = CommandLine::ForCurrentProcess();
+ SandboxInitWrapper sandbox_wrapper;
+ if (!sandbox_wrapper.InitializeSandbox(*parsed_command_line,
+ switches::kPpapiPluginProcess))
+ LOG(WARNING) << "Failed to initialize sandbox";
+#endif
+
 // Get the InitializeModule function (required).
 pp::proxy::Dispatcher::InitModuleFunc init_module =
 reinterpret_cast<pp::proxy::Dispatcher::InitModuleFunc>( |
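Review bot: A failed `InitializeSandbox()` in the added block of `PpapiThread::OnMsgLoadPlugin` only logs a warning, and execution falls through to the InitializeModule lookup, so the plugin would be initialized in an unsandboxed process (fail-open). Failing closed is safer: put the branch in braces and make its body `LOG(ERROR) << "Failed to initialize sandbox"; return;`, mirroring the early `return;` visible just above the added block. This assumes `InitializeSandbox()` reports success when `--no-sandbox` is forwarded, which the hunk does not show and should be confirmed. The comment should also state plainly that the plugin library's load-time code runs before the sandbox is enabled, since that is the security cost of this ordering. The function body continues outside the hunk, so any cleanup needed on the new failure path is not visible here.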