Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(758)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/gpu.sb

Issue 2919963003: Update sandbox profiles and remove regular expressions. (Closed)
Patch Set: Remove string quoting Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | content/common/common.sb » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 ;; 1 ;;
2 ;; Copyright (c) 2011 The Chromium Authors. All rights reserved. 2 ;; Copyright (c) 2011 The Chromium Authors. All rights reserved.
3 ;; Use of this source code is governed by a BSD-style license that can be 3 ;; Use of this source code is governed by a BSD-style license that can be
4 ;; found in the LICENSE file. 4 ;; found in the LICENSE file.
5 ;; 5 ;;
6 6
7 ; *** The contents of content/common/common.sb are implicitly included here. *** 7 ; *** The contents of content/common/common.sb are implicitly included here. ***
8 8
9 ; Allow communication between the GPU process and the UI server. 9 ; Allow communication between the GPU process and the UI server.
10 (allow mach-lookup (global-name "com.apple.tsm.uiserver")) 10 (allow mach-lookup (global-name "com.apple.tsm.uiserver"))
11 11
12 (allow file-read-metadata (literal "/")) 12 (allow file-read-metadata (literal "/"))
13 13
14 ; Needed for WebGL - crbug.com/75343 14 ; Needed for WebGL - crbug.com/75343
15 (allow iokit-open 15 (allow iokit-open
16 (iokit-connection "IOAccelerator") 16 (iokit-connection "IOAccelerator")
17 (iokit-user-client-class "IOAccelerationUserClient") 17 (iokit-user-client-class "IOAccelerationUserClient")
18 (iokit-user-client-class "IOFramebufferSharedUserClient") 18 (iokit-user-client-class "IOFramebufferSharedUserClient")
19 (iokit-user-client-class "AppleGraphicsControlClient") 19 (iokit-user-client-class "AppleGraphicsControlClient")
20 (iokit-user-client-class "AGPMClient") 20 (iokit-user-client-class "AGPMClient")
21 (iokit-user-client-class "IOHIDParamUserClient") 21 (iokit-user-client-class "IOHIDParamUserClient")
22 (iokit-user-client-class "RootDomainUserClient") 22 (iokit-user-client-class "RootDomainUserClient")
23 (iokit-user-client-class "IOSurfaceRootUserClient") 23 (iokit-user-client-class "IOSurfaceRootUserClient")
24 (iokit-user-client-class "IOSurfaceSendRight")) 24 (iokit-user-client-class "IOSurfaceSendRight"))
25 25
26 ; https://crbug.com/515280 26 ; https://crbug.com/515280
27 (if (param-true? elcap-or-later) 27 (if (param-true? elcap-or-later)
28 (allow file-read* (regex #"^/System/Library/Extensions($|/)"))) 28 (allow file-read* (subpath "/System/Library/Extensions")))
OLDNEW
« no previous file with comments | « no previous file | content/common/common.sb » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698