Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(146)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/common/common.sb

Issue 16748002: Add the MacSandboxTest.NSSAccess test to content_unittests. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 7 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | content/common/sandbox_mac_system_access_unittest.mm » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 ;; 1 ;;
2 ;; Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 ;; Copyright (c) 2012 The Chromium Authors. All rights reserved.
3 ;; Use of this source code is governed by a BSD-style license that can be 3 ;; Use of this source code is governed by a BSD-style license that can be
4 ;; found in the LICENSE file. 4 ;; found in the LICENSE file.
5 ;; 5 ;;
6 ; This configuration file isn't used on it's own, but instead implicitly 6 ; This configuration file isn't used on it's own, but instead implicitly
7 ; included at the start of all other sandbox configuration files in Chrome. 7 ; included at the start of all other sandbox configuration files in Chrome.
8 (version 1) 8 (version 1)
9 9
10 ; DISABLE_SANDBOX_DENIAL_LOGGING expands to syntax that turns off log message 10 ; DISABLE_SANDBOX_DENIAL_LOGGING expands to syntax that turns off log message
(...skipping 19 matching lines...) Expand all
30 (allow file-read* 30 (allow file-read*
31 (regex #"^/System/Library/Frameworks($|/)") 31 (regex #"^/System/Library/Frameworks($|/)")
32 (regex #"^/System/Library/PrivateFrameworks($|/)") 32 (regex #"^/System/Library/PrivateFrameworks($|/)")
33 (regex #"^/System/Library/CoreServices($|/)")) ; 10.5.6 33 (regex #"^/System/Library/CoreServices($|/)")) ; 10.5.6
34 34
35 ; Needed for IPC on 10.6 35 ; Needed for IPC on 10.6
36 (allow ipc-posix-shm) 36 (allow ipc-posix-shm)
37 37
38 ; Allow direct access to /dev/urandom, similar to Linux/POSIX, to allow 38 ; Allow direct access to /dev/urandom, similar to Linux/POSIX, to allow
39 ; third party code (eg: bits of Adobe Flash and NSS) to function properly. 39 ; third party code (eg: bits of Adobe Flash and NSS) to function properly.
40 (allow file-read-data (literal "/dev/urandom")) 40 (allow file-read-data file-read-metadata (literal "/dev/urandom"))
wtc 2013/06/10 18:57:53 The file-read-metadata permission for /dev/urandom
41 41
42 ; Component build workaround for a dyld bug, used on OS X <= 10.6. 42 ; Component build workaround for a dyld bug, used on OS X <= 10.6.
43 ; Enables reading file metadata for the Chrome bundle and its parent paths. 43 ; Enables reading file metadata for the Chrome bundle and its parent paths.
44 ; http://crbug.com/127465 44 ; http://crbug.com/127465
45 @COMPONENT_BUILD_WORKAROUND@ 45 @COMPONENT_BUILD_WORKAROUND@
OLDNEW
« no previous file with comments | « no previous file | content/common/sandbox_mac_system_access_unittest.mm » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698