Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(422)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/renderer/renderer_main_platform_delegate_mac.mm

Issue 151202: Remove sysctl-read workarounds (Closed)
Patch Set: Created 11 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« base/sys_info_mac.cc ('K') | « base/sys_info_posix.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2009 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/renderer/renderer_main_platform_delegate.h" 5 #include "chrome/renderer/renderer_main_platform_delegate.h"
6 6
7 #include "base/debug_util.h" 7 #include "base/debug_util.h"
8 #include "base/message_loop.h" 8 #include "base/message_loop.h"
9 9
10 #import <Foundation/Foundation.h> 10 #import <Foundation/Foundation.h>
(...skipping 130 matching lines...) Expand 10 before | Expand all | Expand 10 after
141 bool RendererMainPlatformDelegate::EnableSandbox() { 141 bool RendererMainPlatformDelegate::EnableSandbox() {
142 142
143 // TODO(jeremy): Remove BeingDebugged() and CacheSysInfo() calls. They are 143 // TODO(jeremy): Remove BeingDebugged() and CacheSysInfo() calls. They are
144 // no longer required since the sandbox now allows sysctl() reads. 144 // no longer required since the sandbox now allows sysctl() reads.
145 145
146 // This call doesn't work when the sandbox is enabled, the implementation 146 // This call doesn't work when the sandbox is enabled, the implementation
147 // caches it's return value so we call it here and then future calls will 147 // caches it's return value so we call it here and then future calls will
148 // succeed. 148 // succeed.
149 DebugUtil::BeingDebugged(); 149 DebugUtil::BeingDebugged();
150 150
151 // Cache the System info information, since we can't query certain attributes
152 // with the Sandbox enabled.
153 base::SysInfo::CacheSysInfo();
154
155 // For the renderer, we give it a custom sandbox to lock down as tight as 151 // For the renderer, we give it a custom sandbox to lock down as tight as
156 // possible, but still be able to draw. 152 // possible, but still be able to draw.
157 153
158 NSString* sandbox_profile_path = 154 NSString* sandbox_profile_path =
159 [mac_util::MainAppBundle() pathForResource:@"renderer" ofType:@"sb"]; 155 [mac_util::MainAppBundle() pathForResource:@"renderer" ofType:@"sb"];
160 BOOL is_dir = NO; 156 BOOL is_dir = NO;
161 if (![[NSFileManager defaultManager] fileExistsAtPath:sandbox_profile_path 157 if (![[NSFileManager defaultManager] fileExistsAtPath:sandbox_profile_path
162 isDirectory:&is_dir] || is_dir) { 158 isDirectory:&is_dir] || is_dir) {
163 LOG(ERROR) << "Failed to find the sandbox profile on disk"; 159 LOG(ERROR) << "Failed to find the sandbox profile on disk";
164 return false; 160 return false;
165 } 161 }
166 162
167 const char *sandbox_profile = [sandbox_profile_path fileSystemRepresentation]; 163 const char *sandbox_profile = [sandbox_profile_path fileSystemRepresentation];
168 char* error_buff = NULL; 164 char* error_buff = NULL;
169 int error = sandbox_init(sandbox_profile, SANDBOX_NAMED_EXTERNAL, 165 int error = sandbox_init(sandbox_profile, SANDBOX_NAMED_EXTERNAL,
170 &error_buff); 166 &error_buff);
171 bool success = (error == 0 && error_buff == NULL); 167 bool success = (error == 0 && error_buff == NULL);
172 if (error == -1) { 168 if (error == -1) {
173 LOG(ERROR) << "Failed to Initialize Sandbox: " << error_buff; 169 LOG(ERROR) << "Failed to Initialize Sandbox: " << error_buff;
174 } 170 }
175 sandbox_free_error(error_buff); 171 sandbox_free_error(error_buff);
176 return success; 172 return success;
177 } 173 }
178 174
179 void RendererMainPlatformDelegate::RunSandboxTests() { 175 void RendererMainPlatformDelegate::RunSandboxTests() {
180 // TODO(port): Run sandbox unit test here. 176 // TODO(port): Run sandbox unit test here.
181 } 177 }
OLDNEW
« base/sys_info_mac.cc ('K') | « base/sys_info_posix.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698