1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/common/sandbox_mac.h" | 5 #include "chrome/common/sandbox_mac.h" |
6 | 6 |
7 #include "base/debug_util.h" | 7 #include "base/debug_util.h" |
8 | 8 |
9 #import <Cocoa/Cocoa.h> | 9 #import <Cocoa/Cocoa.h> |
10 extern "C" { | 10 extern "C" { |
302 if (!sandbox_data) { | 302 if (!sandbox_data) { |
303 LOG(FATAL) << "Failed to find the sandbox profile on disk " | 303 LOG(FATAL) << "Failed to find the sandbox profile on disk " |
304 << [sandbox_profile_path fileSystemRepresentation]; | 304 << [sandbox_profile_path fileSystemRepresentation]; |
305 return false; | 305 return false; |
306 } | 306 } |
307 | 307 |
308 // Prefix sandbox_data with common_sandbox_prefix_data. | 308 // Prefix sandbox_data with common_sandbox_prefix_data. |
309 sandbox_data = | 309 sandbox_data = |
310 [common_sandbox_prefix_data stringByAppendingString:sandbox_data]; | 310 [common_sandbox_prefix_data stringByAppendingString:sandbox_data]; |
311 | 311 |
312 // Enable verbose logging if enabled on the command line. | 312 // Enable verbose logging if enabled on the command line. (See common.sb |
313 // (see renderer.sb for details). | 313 // for details). |
314 const CommandLine *command_line = CommandLine::ForCurrentProcess(); | 314 const CommandLine *command_line = CommandLine::ForCurrentProcess(); |
315 if (command_line->HasSwitch(switches::kEnableSandboxLogging)) { | 315 bool enable_logging = |
| 316 command_line->HasSwitch(switches::kEnableSandboxLogging); |
| 317 if (enable_logging) { |
316 sandbox_data = [sandbox_data | 318 sandbox_data = [sandbox_data |
317 stringByReplacingOccurrencesOfString:@";ENABLE_LOGGING" | 319 stringByReplacingOccurrencesOfString:@";ENABLE_LOGGING" |
318 withString:@""]; | 320 withString:@""]; |
319 } | 321 } |
320 | 322 |
| 323 // Get the OS version. |
| 324 int32 major_version, minor_version, bugfix_version; |
| 325 base::SysInfo::OperatingSystemVersionNumbers(&major_version, |
| 326 &minor_version, &bugfix_version); |
| 327 bool snow_leopard_or_higher = |
| 328 (major_version > 10 || (major_version == 10 && minor_version >= 6)); |
| 329 |
| 330 // Without this, the sandbox will print a message to the system log every |
| 331 // time it denies a request. This floods the console with useless spew. The |
| 332 // (with no-log) syntax is only supported on 10.6+ |
| 333 if (snow_leopard_or_higher && !enable_logging) { |
| 334 sandbox_data = [sandbox_data |
| 335 stringByReplacingOccurrencesOfString:@"DISABLE_SANDBOX_DENIAL_LOGGING" |
| 336 withString:@"(with no-log)"]; |
| 337 } else { |
| 338 sandbox_data = [sandbox_data |
| 339 stringByReplacingOccurrencesOfString:@"DISABLE_SANDBOX_DENIAL_LOGGING" |
| 340 withString:@""]; |
| 341 } |
| 342 |
321 if (!allowed_dir.empty()) { | 343 if (!allowed_dir.empty()) { |
322 // The sandbox only understands "real" paths. This resolving step is | 344 // The sandbox only understands "real" paths. This resolving step is |
323 // needed so the caller doesn't need to worry about things like /var | 345 // needed so the caller doesn't need to worry about things like /var |
324 // being a link to /private/var (like in the paths CreateNewTempDirectory() | 346 // being a link to /private/var (like in the paths CreateNewTempDirectory() |
325 // returns). | 347 // returns). |
326 FilePath allowed_dir_canonical(allowed_dir); | 348 FilePath allowed_dir_canonical(allowed_dir); |
327 GetCanonicalSandboxPath(&allowed_dir_canonical); | 349 GetCanonicalSandboxPath(&allowed_dir_canonical); |
328 | 350 |
329 std::string allowed_dir_escaped; | 351 std::string allowed_dir_escaped; |
330 if (!QuoteStringForRegex(allowed_dir_canonical.value(), | 352 if (!QuoteStringForRegex(allowed_dir_canonical.value(), |
331 &allowed_dir_escaped)) { | 353 &allowed_dir_escaped)) { |
332 LOG(FATAL) << "Regex string quoting failed " << allowed_dir.value(); | 354 LOG(FATAL) << "Regex string quoting failed " << allowed_dir.value(); |
333 return false; | 355 return false; |
334 } | 356 } |
335 NSString* allowed_dir_escaped_ns = base::SysUTF8ToNSString( | 357 NSString* allowed_dir_escaped_ns = base::SysUTF8ToNSString( |
336 allowed_dir_escaped.c_str()); | 358 allowed_dir_escaped.c_str()); |
337 sandbox_data = [sandbox_data | 359 sandbox_data = [sandbox_data |
338 stringByReplacingOccurrencesOfString:@";ENABLE_DIRECTORY_ACCESS" | 360 stringByReplacingOccurrencesOfString:@";ENABLE_DIRECTORY_ACCESS" |
339 withString:@""]; | 361 withString:@""]; |
340 sandbox_data = [sandbox_data | 362 sandbox_data = [sandbox_data |
341 stringByReplacingOccurrencesOfString:@"DIR_TO_ALLOW_ACCESS" | 363 stringByReplacingOccurrencesOfString:@"DIR_TO_ALLOW_ACCESS" |
342 withString:allowed_dir_escaped_ns]; | 364 withString:allowed_dir_escaped_ns]; |
343 | 365 |
344 } | 366 } |
345 | 367 |
346 int32 major_version, minor_version, bugfix_version; | 368 if (snow_leopard_or_higher) { |
347 base::SysInfo::OperatingSystemVersionNumbers(&major_version, | |
348 &minor_version, &bugfix_version); | |
349 | |
350 if (major_version > 10 || (major_version == 10 && minor_version >= 6)) { | |
351 // 10.6-only Sandbox rules. | 369 // 10.6-only Sandbox rules. |
352 sandbox_data = [sandbox_data | 370 sandbox_data = [sandbox_data |
353 stringByReplacingOccurrencesOfString:@";10.6_ONLY" | 371 stringByReplacingOccurrencesOfString:@";10.6_ONLY" |
354 withString:@""]; | 372 withString:@""]; |
355 // Splice the path of the user's home directory into the sandbox profile | 373 // Splice the path of the user's home directory into the sandbox profile |
356 // (see renderer.sb for details). | 374 // (see renderer.sb for details). |
357 // This code is in the 10.6-only block because the sandbox syntax we use | 375 // This code is in the 10.6-only block because the sandbox syntax we use |
358 // for this "subdir" is only supported on 10.6. | 376 // for this "subdir" is only supported on 10.6. |
359 // If we ever need this on pre-10.6 OSs then we'll have to rethink the | 377 // If we ever need this on pre-10.6 OSs then we'll have to rethink the |
360 // surrounding sandbox syntax. | 378 // surrounding sandbox syntax. |
403 if (HANDLE_EINTR(fcntl(fd, F_GETPATH, canonical_path)) != 0) { | 421 if (HANDLE_EINTR(fcntl(fd, F_GETPATH, canonical_path)) != 0) { |
404 PLOG(FATAL) << "GetCanonicalSandboxPath() failed for: " | 422 PLOG(FATAL) << "GetCanonicalSandboxPath() failed for: " |
405 << path->value(); | 423 << path->value(); |
406 return; | 424 return; |
407 } | 425 } |
408 | 426 |
409 *path = FilePath(canonical_path); | 427 *path = FilePath(canonical_path); |
410 } | 428 } |
411 | 429 |
412 } // namespace sandbox | 430 } // namespace sandbox |
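Review bot: The `DISABLE_SANDBOX_DENIAL_LOGGING` substitution at new lines 333-341 is a silent no-op if the placeholder is missing from the profile text, so drift between the `.sb` files and this code would either leave denial logging enabled or leave a stray token that breaks profile compilation, with no diagnostic pointing at the cause; a `DCHECK([sandbox_data rangeOfString:@"DISABLE_SANDBOX_DENIAL_LOGGING"].location != NSNotFound);` before the `if` would catch that in debug builds. The comment at new lines 330-332 justifies `(with no-log)` as noise reduction but does not record the trade-off that matters for incident response: in release builds on 10.6+ the system log will no longer show a compromised renderer probing its sandbox boundary, and only the `switches::kEnableSandboxLogging` switch restores that record. Suggest extending it with `// NOTE: this also suppresses the denial trail a compromised process would leave when probing the sandbox; the kEnableSandboxLogging switch re-enables it.` The enclosing function begins above the hunk, and the third hunk's `GetCanonicalSandboxPath()` also starts outside the visible lines.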