summaryrefslogtreecommitdiffstats
path: root/chrome/common/sandbox_mac.mm
Commit message (Collapse)AuthorAgeFilesLines
* Mac: Refactor sandbox profiles to use a common base configuration file.jeremy@chromium.org2010-04-161-8/+31
| | | | | | | | | | | Eliminate rule duplication in our sandbox profiles by creating a new common.sb file which we include implicitly at the start of all other sandbox configuration files. BUG=39987 TEST=Chrome on Mac should continue to render pages, all unit tests should pass. Review URL: http://codereview.chromium.org/1656006 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@44804 0039d316-1c4b-4281-b951-d872f2087c98
* 1. Create a new sandbox type which allows access to Unix sockets in the Macmsneck@google.com2010-04-021-0/+38
| | | | | | | | | | | | | | | | | | | | | renderer sandbox to support running Native Client. 2. Put the Native Client sel_ldr (which contains the user's untrusted code) into a new Mac sandbox type. 3. Open /dev/random in SandboxWarmup(). 4. Remove the "--nosandbox" flag when running Mac tests. See http://codereview.chromium.org/1234003/show and http://codereview.chromium.org/1525005/show which were both reverted because of problems on Mac 10.6. This change is identical except for the ";NACL" lines in renderer.sb files and the corresponding lines in nacl-loader.sb. Unix socket support for the sandbox changed considerably from 10.5 to 10.6. BUG=http://code.google.com/p/nativeclient/issues/detail?id=327 TEST=nacl_ui_tests still pass while running in the sandbox. Review URL: http://codereview.chromium.org/1559012 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@43473 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 43253 - 1. Create a new sandbox type which allows access to Unix ↵dmaclach@chromium.org2010-03-311-38/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | sockets in the Mac renderer sandbox to support running Native Client. 2. Put the Native Client sel_ldr (which contains the user's untrusted code) into a new Mac sandbox type. 3. Open /dev/random in SandboxWarmup(). 4. Remove the "nosandbox" flag when running Mac tests. See http://codereview.chromium.org/1234003/show which was reverted because of problems on Mac 10.6. This change is identical except for the ";NACL" lines in the *.sb files. I've removed the 10.6specific sandbox commands and used the generic commands that work on 10.5 and 10.6. I will work on adding the 10.6specific commands in a different change list. BUG=http://code.google.com/p/nativeclient/issues/detail?id=327 TEST=nacl_ui_tests still pass while running in the sandbox. Review URL: http://codereview.chromium.org/1525005 TBR=msneck@google.com Review URL: http://codereview.chromium.org/1572009 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@43259 0039d316-1c4b-4281-b951-d872f2087c98
* 1. Create a new sandbox type which allows access to Unix sockets in the Macmsneck@google.com2010-03-311-0/+38
| | | | | | | | | | | | | | | | | | | | | renderer sandbox to support running Native Client. 2. Put the Native Client sel_ldr (which contains the user's untrusted code) into a new Mac sandbox type. 3. Open /dev/random in SandboxWarmup(). 4. Remove the "--nosandbox" flag when running Mac tests. See http://codereview.chromium.org/1234003/show which was reverted because of problems on Mac 10.6. This change is identical except for the ";NACL" lines in the *.sb files. I've removed the 10.6-specific sandbox commands and used the generic commands that work on 10.5 and 10.6. I will work on adding the 10.6-specific commands in a different change list. BUG=http://code.google.com/p/nativeclient/issues/detail?id=327 TEST=nacl_ui_tests still pass while running in the sandbox. Review URL: http://codereview.chromium.org/1525005 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@43253 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 43086 - 1. Create a new sandbox type which allows access to Unix ↵dmaclach@chromium.org2010-03-301-39/+1
| | | | | | | | | | | | | | | | | | sockets in the Mac renderer sandbox to support running Native Client. 2. Put the Native Client sel_ldr (which contains the user's untrusted code into a new Mac sandbox type. 3. Open /dev/random in SandboxWarmup(). 4. Remove the "nosandbox" flag when running Mac tests. BUG=http://code.google.com/p/nativeclient/issues/detail?id=327 TEST=nacl_ui_tests still pass while running in the sandbox. Review URL: http://codereview.chromium.org/1234003 TBR=msneck@google.com git-svn-id: svn://svn.chromium.org/chrome/trunk/src@43093 0039d316-1c4b-4281-b951-d872f2087c98
* 1. Create a new sandbox type which allows access to Unix sockets in the Macmsneck@google.com2010-03-301-1/+39
| | | | | | | | | | | | | | renderer sandbox to support running Native Client. 2. Put the Native Client sel_ldr (which contains the user's untrusted code into a new Mac sandbox type. 3. Open /dev/random in SandboxWarmup(). 4. Remove the "--nosandbox" flag when running Mac tests. BUG=http://code.google.com/p/nativeclient/issues/detail?id=327 TEST=nacl_ui_tests still pass while running in the sandbox. Review URL: http://codereview.chromium.org/1234003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@43086 0039d316-1c4b-4281-b951-d872f2087c98
* Add regex escaping code to Mac sandbox implementation and re-enable the ↵jeremy@chromium.org2009-12-031-16/+190
| | | | | | | | | | | | | | | utility process on OS X. Other changes: * An error initializing the sandbox on OS X is now treated as fatal. * Improved error reporting for sandbox-related failures. BUG=26492,23837 TEST=Installing extensions and themes should still work on OS X. Review URL: http://codereview.chromium.org/434077 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@33682 0039d316-1c4b-4281-b951-d872f2087c98
* TBR: mark@chromium.orgjeremy@chromium.org2009-11-051-4/+42
| | | | git-svn-id: svn://svn.chromium.org/chrome/trunk/src@31091 0039d316-1c4b-4281-b951-d872f2087c98
* TBR:markjeremy@chromium.org2009-11-051-42/+4
| | | | git-svn-id: svn://svn.chromium.org/chrome/trunk/src@31090 0039d316-1c4b-4281-b951-d872f2087c98
* Sandbox Worker process on the Mac.jeremy@chromium.org2009-11-051-4/+42
| | | | | | | | | | | | | | * Add plumbing to allow multiple Sandbox profiles on OS X. * Separate sandbox_init_wrapper into platform specific files. * Sandbox Worker process & add plumbing to Sandbox utility process when we bring that up. * Remove mention of stale bugs in utility process on Mac. BUG=23582 TEST=Worker process should work. Review URL: http://codereview.chromium.org/341033 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@31089 0039d316-1c4b-4281-b951-d872f2087c98
* Move the json-related files into a separate json directory. This hopefully alsobrettw@chromium.org2009-10-231-2/+2
| | | | | | | | | | | makes the naming of string_escape more clear (it's actually JSON-specific). Move the files into the base namespace. TEST=none BUG=none Review URL: http://codereview.chromium.org/316016 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@29934 0039d316-1c4b-4281-b951-d872f2087c98
* Some fixes to the OS X Sandbox:jeremy@chromium.org2009-10-091-0/+145
* Added a command line option to enable verbose logging in the Sandbox. This will be useful when we start looking at the information in ChromeBot. * Modified the code that splices the homedir path into the Sandbox file. This code is now only used on 10.6 and no longer uses a regex. * Moved sandbox code out into a sandbox_mac file. * Changed 10.6 seed release references -> 10.6 . BUG=21483 TEST=Browser should launch and display NTP correctly on OS X 10.5 & 10.6 Review URL: http://codereview.chromium.org/242165 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@28541 0039d316-1c4b-4281-b951-d872f2087c98
generated by cgit v1.1 at 2025-01-30 20:41:31 +0000