Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(129)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/common/sandbox_mac.mm

Issue 9912001: Fix some grammar in content/common and content/public (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 8 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | content/common/view_messages.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/common/sandbox_mac.h" 5 #include "content/common/sandbox_mac.h"
6 6
7 #import <Cocoa/Cocoa.h> 7 #import <Cocoa/Cocoa.h>
8 8
9 extern "C" { 9 extern "C" {
10 #include <sandbox.h> 10 #include <sandbox.h>
(...skipping 264 matching lines...) Expand 10 before | Expand all | Expand 10 after
275 gfx::GLSurface::InitializeOneOff(); 275 gfx::GLSurface::InitializeOneOff();
276 } 276 }
277 } 277 }
278 278
279 // static 279 // static
280 NSString* Sandbox::BuildAllowDirectoryAccessSandboxString( 280 NSString* Sandbox::BuildAllowDirectoryAccessSandboxString(
281 const FilePath& allowed_dir, 281 const FilePath& allowed_dir,
282 SandboxVariableSubstitions* substitutions) { 282 SandboxVariableSubstitions* substitutions) {
283 // A whitelist is used to determine which directories can be statted 283 // A whitelist is used to determine which directories can be statted
284 // This means that in the case of an /a/b/c/d/ directory, we may be able to 284 // This means that in the case of an /a/b/c/d/ directory, we may be able to
285 // stat the leaf directory, but not it's parent. 285 // stat the leaf directory, but not its parent.
286 // The extension code in Chrome calls realpath() which fails if it can't call 286 // The extension code in Chrome calls realpath() which fails if it can't call
287 // stat() on one of the parent directories in the path. 287 // stat() on one of the parent directories in the path.
288 // The solution to this is to allow statting the parent directories themselves 288 // The solution to this is to allow statting the parent directories themselves
289 // but not their contents. We need to add a separate rule for each parent 289 // but not their contents. We need to add a separate rule for each parent
290 // directory. 290 // directory.
291 291
292 // The sandbox only understands "real" paths. This resolving step is 292 // The sandbox only understands "real" paths. This resolving step is
293 // needed so the caller doesn't need to worry about things like /var 293 // needed so the caller doesn't need to worry about things like /var
294 // being a link to /private/var (like in the paths CreateNewTempDirectory() 294 // being a link to /private/var (like in the paths CreateNewTempDirectory()
295 // returns). 295 // returns).
(...skipping 21 matching lines...) Expand all
317 return nil; 317 return nil;
318 } 318 }
319 319
320 NSString* subdir_escaped_ns = 320 NSString* subdir_escaped_ns =
321 base::SysUTF8ToNSString(subdir_escaped.c_str()); 321 base::SysUTF8ToNSString(subdir_escaped.c_str());
322 sandbox_command = 322 sandbox_command =
323 [sandbox_command stringByAppendingFormat:@"(literal \"%@\")", 323 [sandbox_command stringByAppendingFormat:@"(literal \"%@\")",
324 subdir_escaped_ns]; 324 subdir_escaped_ns];
325 } 325 }
326 326
327 // Finally append the leaf directory. Unlike it's parents (for which only 327 // Finally append the leaf directory. Unlike its parents (for which only
328 // stat() should be allowed), the leaf directory needs full access. 328 // stat() should be allowed), the leaf directory needs full access.
329 (*substitutions)["ALLOWED_DIR"] = 329 (*substitutions)["ALLOWED_DIR"] =
330 SandboxSubstring(allowed_dir_canonical.value(), 330 SandboxSubstring(allowed_dir_canonical.value(),
331 SandboxSubstring::REGEX); 331 SandboxSubstring::REGEX);
332 sandbox_command = 332 sandbox_command =
333 [sandbox_command 333 [sandbox_command
334 stringByAppendingString:@") (allow file-read* file-write*" 334 stringByAppendingString:@") (allow file-read* file-write*"
335 " (regex #\"@ALLOWED_DIR@\") )"]; 335 " (regex #\"@ALLOWED_DIR@\") )"];
336 return sandbox_command; 336 return sandbox_command;
337 } 337 }
(...skipping 237 matching lines...) Expand 10 before | Expand all | Expand 10 after
575 if (HANDLE_EINTR(fcntl(fd, F_GETPATH, canonical_path)) != 0) { 575 if (HANDLE_EINTR(fcntl(fd, F_GETPATH, canonical_path)) != 0) {
576 DPLOG(FATAL) << "GetCanonicalSandboxPath() failed for: " 576 DPLOG(FATAL) << "GetCanonicalSandboxPath() failed for: "
577 << path->value(); 577 << path->value();
578 return; 578 return;
579 } 579 }
580 580
581 *path = FilePath(canonical_path); 581 *path = FilePath(canonical_path);
582 } 582 }
583 583
584 } // namespace sandbox 584 } // namespace sandbox
OLDNEW
« no previous file with comments | « no previous file | content/common/view_messages.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698