| OLD | NEW |
|---|
| 1 ;; | 1 ;; |
| 2 ;; Copyright (c) 2011 The Chromium Authors. All rights reserved. | 2 ;; Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 3 ;; Use of this source code is governed by a BSD-style license that can be | 3 ;; Use of this source code is governed by a BSD-style license that can be |
| 4 ;; found in the LICENSE file. | 4 ;; found in the LICENSE file. |
| 5 ;; | 5 ;; |
| 6 | 6 |
| 7 ; *** The contents of content/common/common.sb are implicitly included here. *** | 7 ; *** The contents of content/common/common.sb are implicitly included here. *** |
| 8 | 8 |
| 9 ; Needed for Fonts. | 9 ; Needed for Fonts. |
| 10 (allow file-read* (regex #"^/System/Library/Fonts($|/)")) | 10 (allow file-read* (regex #"^/System/Library/Fonts($|/)")) |
| 11 (allow file-read* (regex #"^/Library/Fonts($|/)")) | 11 (allow file-read* (regex #"^/Library/Fonts($|/)")) |
| 12 (allow mach-lookup (global-name "com.apple.FontObjectsServer")) | 12 (allow mach-lookup (global-name "com.apple.FontObjectsServer")) |
| 13 (allow mach-lookup (global-name "com.apple.FontServer")) | 13 (allow mach-lookup (global-name "com.apple.FontServer")) |
| 14 (allow mach-lookup (global-name "com.apple.fonts")) | 14 (allow mach-lookup (global-name "com.apple.fonts")) |
| 15 | 15 |
| 16 (allow file-read* | 16 (allow file-read* |
| 17 (regex #"^/System/Library/ColorSync($|/)") ; https://crbug.com/46648 | 17 (regex #"^/System/Library/ColorSync($|/)") ; https://crbug.com/46648 |
| 18 (regex #"^/System/Library/Keyboard Layouts($|/)") ; https://crbug.com/152566 | 18 (regex #"^/System/Library/Keyboard Layouts($|/)") ; https://crbug.com/152566 |
| 19 (literal "/Library/Preferences/.GlobalPreferences.plist") ; https://crbug.com/
60917 | 19 (literal "/Library/Preferences/.GlobalPreferences.plist") ; https://crbug.com/
60917 |
| 20 (literal (user-homedir-path "/Library/Preferences/.GlobalPreferences.plist"))) | 20 (literal (user-homedir-path "/Library/Preferences/.GlobalPreferences.plist")) |
| 21 | 21 (subpath "/dev/null") |
| 22 (subpath "/Users") |
| 23 (subpath (user-homedir-path "/var/folders/r9/jzvqy3jx469g9m949xkt42qc00cb85/C/
org.chromium.Chromium.helper")) |
| 24 (subpath (user-homedir-path "/p/mac/src")) |
| 25 (subpath (user-homedir-path "/Library/Caches/org.chromium.Chromium.helper")) |
| 26 (subpath (user-homedir-path "/Library/Caches/com.apple.vision"))) |
| 22 ; https://crbug.com/11269 | 27 ; https://crbug.com/11269 |
| 23 (allow file-read* (subpath (user-homedir-path "/Library/Fonts"))) | 28 (allow file-read* (subpath (user-homedir-path "/Library/Fonts"))) |
| 24 | 29 |
| 25 ; https://crbug.com/60917 | 30 ; https://crbug.com/60917 |
| 26 (allow file-read-metadata | 31 (allow file-read-metadata |
| 27 (literal "/") | 32 (literal "/") |
| 28 (literal "/var")) | 33 (literal "/var")) |
| 29 | 34 |
| 30 ; https://crbug.com/288697 | 35 ; https://crbug.com/288697 |
| 31 (allow file-read* | 36 (allow file-read* |
| 32 (regex #"^/(private/)?etc/localtime$") | 37 (regex #"^/(private/)?etc/localtime$") |
| 33 (regex #"^/usr/share/zoneinfo/")) | 38 (regex #"^/usr/share/zoneinfo/")) |
| 34 | 39 |
| 35 (allow file-read-metadata (regex #"^/(private/)?etc$")) | 40 (allow file-read-metadata (regex #"^/(private/)?etc$")) |
| 36 | 41 |
| 37 ; https://crbug.com/605840 | 42 ; https://crbug.com/605840 |
| 38 ; file-read-metadata /System/Library/LinguisticData/en/US/hyphenation.dat | 43 ; file-read-metadata /System/Library/LinguisticData/en/US/hyphenation.dat |
| 39 ; for CFStringIsHyphenationAvailableForLocale and CFStringGetHyphenationLocation
BeforeIndex | 44 ; for CFStringIsHyphenationAvailableForLocale and CFStringGetHyphenationLocation
BeforeIndex |
| 40 (allow file-read* (subpath "/System/Library/LinguisticData")) | 45 (allow file-read* (subpath "/System/Library/LinguisticData")) |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2507283002:
Add warmup and sandbox file-read permission for testing
