chrome/renderer/renderer.sb - Issue 174254: Some tweaks to the OS X Sandbox:

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: chrome/renderer/renderer.sb

Issue 174254: Some tweaks to the OS X Sandbox: (Closed)

Patch Set: Created 11 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 ;;	1 ;;

2 ;; Copyright (c) 2009 The Chromium Authors. All rights reserved.	2 ;; Copyright (c) 2009 The Chromium Authors. All rights reserved.

3 ;; Use of this source code is governed by a BSD-style license that can be	3 ;; Use of this source code is governed by a BSD-style license that can be

4 ;; found in the LICENSE file.	4 ;; found in the LICENSE file.

5 ;;	5 ;;

6 (version 1)	6 (version 1)

7 (deny default)	7 (deny default)

8	8

9 ; Needed for full-page-zoomed checkboxes etc -- http://crbug.com/11325	9 ; Needed for full-page-zoomed controls - http://crbug.com/11325

10 (allow sysctl-read)	10 (allow sysctl-read)

11	11

12

13 ; Each line is marked with the System version that needs it.	12 ; Each line is marked with the System version that needs it.

14 ; This profile is tested with the following system versions:	13 ; This profile is tested with the following system versions:

15 ; 10.5.6, 10.6 seed release	14 ; 10.5.6, 10.6 seed release

16	15

17 ; Allow following symlinks	16 ; Allow following symlinks

18 (allow file-read-metadata) ; 10.5.6	17 (allow file-read-metadata) ; 10.5.6

19 ; Allow reading files out of /System/Library

20 (allow file-read-data (regex #"^/System/Library")) ; 10.5.6

21	18

22 ; Needed for Fonts	19 ; Loading System Libraries.

	20 (allow file-read-data (regex #"^/System/Library/Frameworks")) ; 10.5.6

	21 (allow file-read-data (regex #"^/System/Library/PrivateFrameworks")) ; 10.5.6

	22 (allow file-read-data (regex #"^/System/Library/CoreServices")) ; 10.5.6

	23

	24 ; Needed for Fonts.

	25 (allow file-read-data (regex #"^/System/Library/Fonts")) ; 10.5.6

	26 (allow file-read-data (regex #"^/Library/Fonts")) ; 10.6 seed release

23 (allow mach-lookup (global-name "com.apple.FontObjectsServer")) ; 10.5.6	27 (allow mach-lookup (global-name "com.apple.FontObjectsServer")) ; 10.5.6

24 (allow mach-lookup (global-name "com.apple.FontServer")) ; 10.6 seed release	28 (allow mach-lookup (global-name "com.apple.FontServer")) ; 10.6 seed release

25 (allow file-read-data (regex #"^/Library/Fonts")) ; 10.6 seed release	29

	30 ; USER_HOMEDIR is substitued at runtime - http://crbug.com/11269

	31 (allow file-read-data (regex #"^USER_HOMEDIR/Library/Fonts")) ; 10.6 seed relea se

26	32

27 ; Needed for IPC on 10.6	33 ; Needed for IPC on 10.6

28 (allow ipc-posix-shm)	34 (allow ipc-posix-shm)

OLD	NEW

« no previous file with comments | « base/sys_info_mac.cc ('k') | chrome/renderer/renderer_main_platform_delegate_mac.mm » ('j') | chrome/renderer/renderer_main_platform_delegate_mac.mm » ('J')