content/browser/bootstrap_sandbox_manager_mac.cc - Issue 2271653006: base::mac::IsOSSierra() -> base::mac::IsOS10_12(), etc.

Side by Side Diff: content/browser/bootstrap_sandbox_manager_mac.cc

Issue 2271653006: base::mac::IsOSSierra() -> base::mac::IsOS10_12(), etc. (Closed) Base URL: https://chromium.googlesource.com/chromium/src@master

Patch Set: Nits Created 4 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « content/browser/accessibility/browser_accessibility_manager_mac.mm ('k') | content/common/sandbox_mac.mm » ('j') | no next file with comments »

OLD	NEW
1 // Copyright 2014 The Chromium Authors. All rights reserved.	1 // Copyright 2014 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "content/browser/bootstrap_sandbox_manager_mac.h"	5 #include "content/browser/bootstrap_sandbox_manager_mac.h"

6	6

7 #include "base/logging.h"	7 #include "base/logging.h"

8 #include "base/mac/mac_util.h"	8 #include "base/mac/mac_util.h"

9 #include "content/browser/mach_broker_mac.h"	9 #include "content/browser/mach_broker_mac.h"

10 #include "content/common/sandbox_init_mac.h"	10 #include "content/common/sandbox_init_mac.h"

(...skipping 62 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
73 sandbox::Rule(sandbox::POLICY_ALLOW);	73 sandbox::Rule(sandbox::POLICY_ALLOW);

74	74

75 // Allow access to the windowserver. This is needed to get the colorspace	75 // Allow access to the windowserver. This is needed to get the colorspace

76 // during sandbox warmup. Since NSColorSpace conforms to NSCoding, this	76 // during sandbox warmup. Since NSColorSpace conforms to NSCoding, this

77 // should be plumbed over IPC instead <http://crbug.com/265709>.	77 // should be plumbed over IPC instead <http://crbug.com/265709>.

78 policy.rules["com.apple.windowserver.active"] =	78 policy.rules["com.apple.windowserver.active"] =

79 sandbox::Rule(sandbox::POLICY_ALLOW);	79 sandbox::Rule(sandbox::POLICY_ALLOW);

80	80

81 // Allow access to launchservicesd on 10.10+ otherwise the renderer will crash	81 // Allow access to launchservicesd on 10.10+ otherwise the renderer will crash

82 // attempting to get its ASN. http://crbug.com/533537	82 // attempting to get its ASN. http://crbug.com/533537

83 if (base::mac::IsOSYosemiteOrLater()) {	83 if (base::mac::IsAtLeastOS10_10()) {

84 policy.rules["com.apple.coreservices.launchservicesd"] =	84 policy.rules["com.apple.coreservices.launchservicesd"] =

85 sandbox::Rule(sandbox::POLICY_ALLOW);	85 sandbox::Rule(sandbox::POLICY_ALLOW);

86 }	86 }

87	87

88 sandbox_->RegisterSandboxPolicy(SANDBOX_TYPE_RENDERER, policy);	88 sandbox_->RegisterSandboxPolicy(SANDBOX_TYPE_RENDERER, policy);

89 }	89 }

90	90

91 void BootstrapSandboxManager::AddBaselinePolicy(	91 void BootstrapSandboxManager::AddBaselinePolicy(

92 sandbox::BootstrapSandboxPolicy* policy) {	92 sandbox::BootstrapSandboxPolicy* policy) {

93 auto& rules = policy->rules;	93 auto& rules = policy->rules;

94	94

95 // Allow the child to send its task port to the MachBroker.	95 // Allow the child to send its task port to the MachBroker.

96 rules[MachBroker::GetMachPortName()] = sandbox::Rule(sandbox::POLICY_ALLOW);	96 rules[MachBroker::GetMachPortName()] = sandbox::Rule(sandbox::POLICY_ALLOW);

97	97

98 // Allow logging to the syslog.	98 // Allow logging to the syslog.

99 rules["com.apple.system.logger"] = sandbox::Rule(sandbox::POLICY_ALLOW);	99 rules["com.apple.system.logger"] = sandbox::Rule(sandbox::POLICY_ALLOW);

100 }	100 }

101	101

102 } // namespace content	102 } // namespace content

OLD	NEW