Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(15)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/renderer/renderer.sb

Issue 1186233004: Refactor OS X sandbox processing and audit sandbox files (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Move struct to anon namespace and use static_cast<> Created 5 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « content/ppapi_plugin/ppapi.sb ('k') | content/utility/utility.sb » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 ;; 1 ;;
2 ;; Copyright (c) 2011 The Chromium Authors. All rights reserved. 2 ;; Copyright (c) 2011 The Chromium Authors. All rights reserved.
3 ;; Use of this source code is governed by a BSD-style license that can be 3 ;; Use of this source code is governed by a BSD-style license that can be
4 ;; found in the LICENSE file. 4 ;; found in the LICENSE file.
5 ;; 5 ;;
6 6
7 ; *** The contents of content/common/common.sb are implicitly included here. *** 7 ; *** The contents of content/common/common.sb are implicitly included here. ***
8 8
9 ; Needed for Fonts. 9 ; Needed for Fonts.
10 (allow file-read* (regex #"^/System/Library/Fonts($|/)")) ; 10.5.6 10 (allow file-read* (regex #"^/System/Library/Fonts($|/)"))
11 ; 10.6 for loading fonts in the renderer.
12 ; on 10.5 this is needed for the PDF plugin.
13 (allow file-read* (regex #"^/Library/Fonts($|/)")) 11 (allow file-read* (regex #"^/Library/Fonts($|/)"))
14 (allow mach-lookup (global-name "com.apple.FontObjectsServer")) ; 10.5.6 12 (allow mach-lookup (global-name "com.apple.FontObjectsServer"))
15 (allow mach-lookup (global-name "com.apple.FontServer")) ; 10.6 13 (allow mach-lookup (global-name "com.apple.FontServer"))
16 14
17 (allow file-read* 15 (allow file-read*
18 (regex #"^/System/Library/ColorSync($|/)") ; 10.5.6 - http://crbug.com/46648 16 (regex #"^/System/Library/ColorSync($|/)") ; http://crbug.com/46648
19 (regex #"^/System/Library/Keyboard Layouts($|/)") ; http://crbug.com/152566 17 (regex #"^/System/Library/Keyboard Layouts($|/)") ; http://crbug.com/152566
20 (literal "/Library/Preferences/.GlobalPreferences.plist") ; http://crbug.com/6 0917 18 (literal "/Library/Preferences/.GlobalPreferences.plist") ; http://crbug.com/6 0917
21 (literal "@USER_HOMEDIR_AS_LITERAL@/Library/Preferences/.GlobalPreferences.pli st") 19 (literal (user-homedir-path "/Library/Preferences/.GlobalPreferences.plist"))
22 ) 20 )
23 21
24 ; http://crbug.com/11269 22 ; http://crbug.com/11269
25 (allow file-read* (subpath "@USER_HOMEDIR_AS_LITERAL@/Library/Fonts")) ; 10.6 23 (allow file-read* (subpath (user-homedir-path "/Library/Fonts")))
26 24
27 ; http://crbug.com/60917 25 ; http://crbug.com/60917
28 (allow file-read-metadata 26 (allow file-read-metadata
29 (literal "/") 27 (literal "/")
30 (literal "/var") 28 (literal "/var")
31 ) 29 )
32 30
33 ; http://crbug.com/288697 31 ; http://crbug.com/288697
34 (allow file-read* 32 (allow file-read*
35 (regex #"^/(private/)?etc/localtime$") 33 (regex #"^/(private/)?etc/localtime$")
36 (regex #"^/usr/share/zoneinfo/") 34 (regex #"^/usr/share/zoneinfo/")
37 ) 35 )
38 (allow file-read-metadata 36 (allow file-read-metadata
39 (regex #"^/(private/)?etc$") 37 (regex #"^/(private/)?etc$")
40 ) 38 )
OLDNEW
« no previous file with comments | « content/ppapi_plugin/ppapi.sb ('k') | content/utility/utility.sb » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698