| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This CL allows statting the following files:
1) '/'
2) '/var'
And full read access for various paths where .GlobalPreferences.plist may be present.
The first 2 seem harmless to unblock and the 3rd is used by the default system.
Bug=60917
TEST=Repro steps in bug.
Cleanup: Remove stale TODO
The code in question is no longer needed since Skia has changed to remove the #define in question.
BUG=None
TEST=Compilation shouldn't break
Review URL: http://codereview.chromium.org/4134007
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@65331 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* Introduce primitive variable substituion, this is useful since it greatly simplifies the calling code (you don't need to escape strings at the callsite).
* Construct the output profile in an std::string rather than an NSString, since there is no contract that the sandbox profile must be valid utf-8. The only guarantee we have is that paths in the profile must be able to be passed verbatum to OS file access functions.
Bug=60917
Test=Chrome on Mac should start up, installing extensions and themes should continue to work.
Review URL: http://codereview.chromium.org/4153008
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@64725 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change removes the ability to stat any file on disk and instead only allows stating files to which we have read access.
The complication with removing the ability to stat an arbitrary path is that without extra work you get into a situation where you can stat a leaf directory, but not it's parent. e.g. stat("/foo/bar") succeeds while stat("/foo") fails with errno == EPERM.
The only place we currently run into this is the utility process where the file system is off limits except for one directory.
This causes problems in 2 places:
1) DirectoryExists() works it's way from / down to the leaf directory stating each directory as it goes.
2) The extension installation code calls realpath() which fails if it can't stat parent directories.
The fix for the above is to explictly allow stating parent directories. We achieve this in the sandbox code by adding a function which generates the appropriate sandbox syntax.
This CL also contains unit tests for the above functionality and re-enables it [bug 56765, the underlying issue appears to be unrelated to the test and previously fixed].
BUG=42989, 56765
TEST=Chrome should continue to render web pages correctly, installing extensions and themes should continue to work on OS X.
Review URL: http://codereview.chromium.org/4044002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@63884 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Native Client. This removes the special sandbox commands as well
as all special code.
This CL replaces http://codereview.chromium.org/2881016/show which
was rolled back because of problems on Mac OS X 10.5. Those problems
were addressed in Native Client and pulled into Chrome with a DEPS
file update in http://codereview.chromium.org/2881034/show which was
committed as Chrome revision 53711.
BUG=http://code.google.com/p/nativeclient/issues/detail?id=344
TEST=all tests pass, including nacl_ui_tests
Review URL: http://codereview.chromium.org/3077003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@53936 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
in order for it to do bind() and connect().
BUG=http://code.google.com/p/chromium/issues/detail?id=26781
TEST=all tests pass, especially nacl_ui_tests
Review URL: http://codereview.chromium.org/2881016
TBR=msneck@google.com
Review URL: http://codereview.chromium.org/2842059
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@52878 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
| |
in order for it to do bind() and connect().
BUG=http://code.google.com/p/chromium/issues/detail?id=26781
TEST=all tests pass, especially nacl_ui_tests
Review URL: http://codereview.chromium.org/2881016
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@52872 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
| |
Allow access to the /System/Library/ColorSync on all system version since it's apparently causing the renderer to display all colors as black when run from AquaConnect OS X terminal server, and there doesn't seem to be any point in blocking it.
BUG=46648
TEST=Web pages should render the same.
Review URL: http://codereview.chromium.org/2991002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@52312 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
| |
Review URL: http://codereview.chromium.org/2831012
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@50079 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
| |
Eliminate rule duplication in our sandbox profiles by creating a new common.sb file which we include implicitly at the start of all other sandbox configuration files.
BUG=39987
TEST=Chrome on Mac should continue to render pages, all unit tests should pass.
Review URL: http://codereview.chromium.org/1656006
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@44804 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
renderer sandbox to support running Native Client.
2. Put the Native Client sel_ldr (which contains the user's untrusted code)
into a new Mac sandbox type.
3. Open /dev/random in SandboxWarmup().
4. Remove the "--nosandbox" flag when running Mac tests.
See http://codereview.chromium.org/1234003/show and
http://codereview.chromium.org/1525005/show which were both reverted because
of problems on Mac 10.6. This change is identical except for the ";NACL"
lines in renderer.sb files and the corresponding lines in nacl-loader.sb.
Unix socket support for the sandbox changed considerably from 10.5 to 10.6.
BUG=http://code.google.com/p/nativeclient/issues/detail?id=327
TEST=nacl_ui_tests still pass while running in the sandbox.
Review URL: http://codereview.chromium.org/1559012
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@43473 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
sockets in the Mac
renderer sandbox to support running Native Client.
2. Put the Native Client sel_ldr (which contains the user's untrusted code)
into a new Mac sandbox type.
3. Open /dev/random in SandboxWarmup().
4. Remove the "nosandbox" flag when running Mac tests.
See http://codereview.chromium.org/1234003/show which was reverted because of
problems on Mac 10.6. This change is identical except for the ";NACL" lines
in the *.sb files. I've removed the 10.6specific sandbox commands and used
the generic commands that work on 10.5 and 10.6. I will work on adding the
10.6specific commands in a different change list.
BUG=http://code.google.com/p/nativeclient/issues/detail?id=327
TEST=nacl_ui_tests still pass while running in the sandbox.
Review URL: http://codereview.chromium.org/1525005
TBR=msneck@google.com
Review URL: http://codereview.chromium.org/1572009
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@43259 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
renderer sandbox to support running Native Client.
2. Put the Native Client sel_ldr (which contains the user's untrusted code)
into a new Mac sandbox type.
3. Open /dev/random in SandboxWarmup().
4. Remove the "--nosandbox" flag when running Mac tests.
See http://codereview.chromium.org/1234003/show which was reverted because of
problems on Mac 10.6. This change is identical except for the ";NACL" lines
in the *.sb files. I've removed the 10.6-specific sandbox commands and used
the generic commands that work on 10.5 and 10.6. I will work on adding the
10.6-specific commands in a different change list.
BUG=http://code.google.com/p/nativeclient/issues/detail?id=327
TEST=nacl_ui_tests still pass while running in the sandbox.
Review URL: http://codereview.chromium.org/1525005
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@43253 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
sockets in the Mac
renderer sandbox to support running Native Client.
2. Put the Native Client sel_ldr (which contains the user's untrusted code
into a new Mac sandbox type.
3. Open /dev/random in SandboxWarmup().
4. Remove the "nosandbox" flag when running Mac tests.
BUG=http://code.google.com/p/nativeclient/issues/detail?id=327
TEST=nacl_ui_tests still pass while running in the sandbox.
Review URL: http://codereview.chromium.org/1234003
TBR=msneck@google.com
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@43093 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
renderer sandbox to support running Native Client.
2. Put the Native Client sel_ldr (which contains the user's untrusted code
into a new Mac sandbox type.
3. Open /dev/random in SandboxWarmup().
4. Remove the "--nosandbox" flag when running Mac tests.
BUG=http://code.google.com/p/nativeclient/issues/detail?id=327
TEST=nacl_ui_tests still pass while running in the sandbox.
Review URL: http://codereview.chromium.org/1234003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@43086 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
| |
BUG=None
TEST=Browsing to popular websites on OS X 10.5 & 10.6 should continue to work.
Be sure to test on both 10.5 and 10.6
Review URL: http://codereview.chromium.org/660444
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@40867 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Added a command line option to enable verbose logging in the Sandbox. This will be useful when we start looking at the information in ChromeBot.
* Modified the code that splices the homedir path into the Sandbox file. This code is now only used on 10.6 and no longer uses a regex.
* Moved sandbox code out into a sandbox_mac file.
* Changed 10.6 seed release references -> 10.6 .
BUG=21483
TEST=Browser should launch and display NTP correctly on OS X 10.5 & 10.6
Review URL: http://codereview.chromium.org/242165
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@28541 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Turns out there's a way to allow sending signals to yourself that works on both 10.5 & 10.6 so use that...
Remove temporary hack to only enable syntax on Leopard.
BUG=20370
TEST=On both 10.5 & 10.6 - Follow repro steps for crash in 20366, browser process should show sad tabs rather than crash.
Review URL: http://codereview.chromium.org/180028
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@24820 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The signal-self syntax needed to fix bug 20370 doesn't work on Leopard and
causes the Sandbox to barf so renderers don't star tup.
We introduce a ;10.5_ONLY keyword to the sandbox that is substituted at runtime (the line with the rule is effectively uncommented). This allows us to use leopard or snow-leapard-only sandbox syntax
BUG=20516
TEST=Chrome should no longer crash on launch under SL.
Review URL: http://codereview.chromium.org/183003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@24777 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
| |
Solves some very nasty behavior when renderers crash in a certain situation.
BUG=20370
TEST=Follow repro steps for crash in 20366, browser process should show sad tabs rather than crash.
Review URL: http://codereview.chromium.org/173593
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@24674 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix 10.6 bug where garbled text was displayed due to insuccesful font loading.
* Tightened down the Sandbox a bit, instead of allowing access to /System/Library limit it to certain subdirectories.
* Remove unused warmup code now that we allow sysctl-read.
BUG=11269
BUG=b/1853366
TEST=On 10.6, copy Arial.ttf from /System/Library/Fonts to ~/Library/Fonts , Launch Chrome. Text on NTP should be displayed normally and not garbled.
Review URL: http://codereview.chromium.org/174254
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@24030 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
| |
reliable.
TEST=Zoom a page with multiple form controls, check that they don't become invisible when zoomed.
BUG=11325
Review URL: http://codereview.chromium.org/119151
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@17645 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* Workaround for rdar://6857649 - NSGradient fails when using LAB Colorspace
* Update sandbox config file for 10.6
BUG=11265
TEST=Open Chrome on 10.6, it should have tabs and the tab title should reflect
the title of the page that's currently loaded.
Review URL: http://codereview.chromium.org/109032
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@15328 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
| |
1. Punch holes in Sandbox config to accomodate changes in the Font Server.
2. Add warmup for CGImageSourceGetStatus().
3. Misc cleanup for rendererMainPlatformDelegate::PlatformInitialize() function.
Review URL: http://codereview.chromium.org/67232
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@13882 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
- rename the mac platform delegate to be .mm so we can use cocoa in it.
- added the sandbox profile jeremy figured out.
- add the profile file to the project build.
- during renderer startup, check the process type and use our custom profile or
the pure compute profile based on if we're a renderer or a unittest.
Review URL: http://codereview.chromium.org/21419
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@9895 0039d316-1c4b-4281-b951-d872f2087c98
|
