Diff
Modified: trunk/Source/WebKit2/ChangeLog (128835 => 128836)
--- trunk/Source/WebKit2/ChangeLog 2012-09-18 01:23:07 UTC (rev 128835)
+++ trunk/Source/WebKit2/ChangeLog 2012-09-18 01:31:50 UTC (rev 128836)
@@ -1,3 +1,25 @@
+2012-09-17 Sam Weinig <[email protected]>
+
+ Add experimental code to enter a sandbox for a plug-in.
+ Based on a patch by Ivan Krstić.
+ <rdar://problem/11823151>
+
+ Reviewed by Anders Carlsson.
+
+ Enter a sandbox for a plug-in if a sandbox profile is found in /usr/share/sandbox/ that
+ has the plug-ins bundle identifier for a name.
+
+ * PluginProcess/mac/PluginProcessMac.mm:
+ (WebKit::initializeSandbox):
+ (WebKit::PluginProcess::platformInitialize):
+ Enter the sandbox provided if a profile can be found.
+
+ * WebProcess/Plugins/Netscape/mac/NetscapeSandboxFunctions.h:
+ * WebProcess/Plugins/Netscape/mac/NetscapeSandboxFunctions.mm:
+ (enterSandbox):
+ Factor out the core sandbox entering logic (so if can be used above) and make sure
+ that Remote Save Panel is enabled.
+
2012-09-17 Mark Hahnenberg <[email protected]>
Fixing the build after http://trac.webkit.org/changeset/128813
Modified: trunk/Source/WebKit2/PluginProcess/mac/PluginProcessMac.mm (128835 => 128836)
--- trunk/Source/WebKit2/PluginProcess/mac/PluginProcessMac.mm 2012-09-18 01:23:07 UTC (rev 128835)
+++ trunk/Source/WebKit2/PluginProcess/mac/PluginProcessMac.mm 2012-09-18 01:31:50 UTC (rev 128836)
@@ -30,6 +30,7 @@
#if ENABLE(PLUGIN_PROCESS)
#import "NetscapePlugin.h"
+#import "NetscapeSandboxFunctions.h"
#import "PluginProcessShim.h"
#import "PluginProcessProxyMessages.h"
#import "PluginProcessCreationParameters.h"
@@ -262,6 +263,31 @@
m_connection->send(Messages::PluginProcessProxy::SetFullscreenWindowIsShowing(fullscreenWindowIsShowing), 0);
}
+static void initializeSandbox(const String& pluginPath)
+{
+ RetainPtr<CFStringRef> cfPluginPath = adoptCF(pluginPath.createCFString());
+ RetainPtr<CFURLRef> pluginURL = adoptCF(CFURLCreateWithFileSystemPath(0, cfPluginPath.get(), kCFURLPOSIXPathStyle, false));
+ if (!pluginURL)
+ return;
+
+ RetainPtr<CFBundleRef> pluginBundle = adoptCF(CFBundleCreate(kCFAllocatorDefault, pluginURL.get()));
+ if (!pluginBundle)
+ return;
+
+ CFStringRef bundleIdentifier = CFBundleGetIdentifier(pluginBundle.get());
+ if (!bundleIdentifier)
+ return;
+
+ RetainPtr<CFStringRef> sandboxFileName = CFStringCreateWithFormat(0, 0, CFSTR("%@.sb"), bundleIdentifier);
+ RetainPtr<CFURLRef> pluginSandboxDirectory = adoptCF(CFURLCreateWithFileSystemPath(0, CFSTR("/usr/share/sandbox/"), kCFURLPOSIXPathStyle, YES));
+ RetainPtr<CFURLRef> sandboxURL = adoptCF(CFURLCreateWithFileSystemPathRelativeToBase(0, sandboxFileName.get(), kCFURLPOSIXPathStyle, FALSE, pluginSandboxDirectory.get()));
+ RetainPtr<NSString> profileString = [[NSString alloc] initWithContentsOfURL:(NSURL *)sandboxURL.get() encoding:NSUTF8StringEncoding error:NULL];
+ if (!profileString)
+ return;
+
+ enterSandbox([profileString.get() UTF8String], 0, 0);
+}
+
void PluginProcess::platformInitialize(const PluginProcessCreationParameters& parameters)
{
m_compositingRenderServerPort = parameters.acceleratedCompositingPort.port();
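Review bot: The profile file name in initializeSandbox is built from the plug-in's self-declared bundle identifier with no validation, so an identifier containing a path separator could make the relative URL resolve outside /usr/share/sandbox/. More generally, the code being confined decides which profile, if any, is looked up. Reject such identifiers before formatting, e.g. `if (CFStringFind(bundleIdentifier, CFSTR("/"), 0).location != kCFNotFound) return;`. Every early return also leaves the process unsandboxed with no trace, and a `WTFLogAlways` on those paths would make the fail-open case visible. Separately, `sandboxFileName` and `profileString` are assigned from +1 objects without `adoptCF`/`adoptNS`, unlike the neighbouring lines, which looks like a leak; platformInitialize's body continues outside the hunk.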
@@ -273,6 +299,8 @@
(NSString *)parameters.parentProcessName];
WKSetVisibleApplicationName((CFStringRef)applicationName);
+
+ initializeSandbox(m_pluginPath);
}
} // namespace WebKit
Modified: trunk/Source/WebKit2/WebProcess/Plugins/Netscape/mac/NetscapeSandboxFunctions.h (128835 => 128836)
--- trunk/Source/WebKit2/WebProcess/Plugins/Netscape/mac/NetscapeSandboxFunctions.h 2012-09-18 01:23:07 UTC (rev 128835)
+++ trunk/Source/WebKit2/WebProcess/Plugins/Netscape/mac/NetscapeSandboxFunctions.h 2012-09-18 01:31:50 UTC (rev 128836)
@@ -51,7 +51,10 @@
WKN_FileStopAccessingProcPtr fileStopAccessing;
} WKNSandboxFunctions;
+// FIXME: This header is mostly "API", except for the following two functions. We should
+// move the declarations to a seperate header.
WKNSandboxFunctions* netscapeSandboxFunctions();
+NPError enterSandbox(const char* sandboxProfile, const char* readOnlyPaths[], const char* readWritePaths[]);
#ifdef __cplusplus
}
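Review bot: The new `enterSandbox` declaration states no contract, and callers need one because the function can terminate the process. I would add above it: `// Enters the sandbox described by sandboxProfile. Returns NPERR_GENERIC_ERROR if a sandbox was already entered; calls exit(EX_NOPERM) if the profile cannot be applied.` It also appears to sit inside the header's `extern "C"` block under an unprefixed name, unlike the `WKN_`-prefixed symbols around it. The FIXME covers the header split but not the naming.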
Modified: trunk/Source/WebKit2/WebProcess/Plugins/Netscape/mac/NetscapeSandboxFunctions.mm (128835 => 128836)
--- trunk/Source/WebKit2/WebProcess/Plugins/Netscape/mac/NetscapeSandboxFunctions.mm 2012-09-18 01:23:07 UTC (rev 128835)
+++ trunk/Source/WebKit2/WebProcess/Plugins/Netscape/mac/NetscapeSandboxFunctions.mm 2012-09-18 01:31:50 UTC (rev 128836)
@@ -94,15 +94,11 @@
return result;
}
-NPError WKN_EnterSandbox(const char* readOnlyPaths[], const char* readWritePaths[])
+NPError enterSandbox(const char* sandboxProfile, const char* readOnlyPaths[], const char* readWritePaths[])
{
if (enteredSandbox)
return NPERR_GENERIC_ERROR;
- CString profile = ""
- if (profile.isNull())
- exit(EX_NOPERM);
-
#if __MAC_OS_X_VERSION_MIN_REQUIRED >= 1080
// Use private temporary and cache directories.
String systemDirectorySuffix = "com.apple.WebKit.PluginProcess+" + PluginProcess::shared().netscapePluginModule()->module()->bundleIdentifier();
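Review bot: `enterSandbox` now trusts its caller for `sandboxProfile`, and nothing visible between the `enteredSandbox` check and the later `WKEnterPluginSandbox` call rejects a null pointer; the removed `isNull()` guard now exists only in `WKN_EnterSandbox`. initializeSandbox passes `[profileString.get() UTF8String]` straight through, so a guard at the top such as `if (!sandboxProfile) return NPERR_INVALID_PARAM;` would keep that failure explicit rather than leaving it to the private call. The function body continues past the end of this hunk.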
@@ -157,7 +153,7 @@
exit(EX_NOPERM);
const char* sandboxParameters[] = { "HOME_DIR", homeDirectory, 0, 0 };
- if (!WKEnterPluginSandbox(profile.data(), sandboxParameters, extendedReadOnlyPaths.data(), extendedReadWritePaths.data())) {
+ if (!WKEnterPluginSandbox(sandboxProfile, sandboxParameters, extendedReadOnlyPaths.data(), extendedReadWritePaths.data())) {
WTFLogAlways("Couldn't initialize sandbox profile\n");
exit(EX_NOPERM);
}
@@ -169,9 +165,22 @@
free(homeDirectory);
enteredSandbox = true;
+
+ RetainPtr<NSDictionary> defaults = adoptNS([[NSDictionary alloc] initWithObjectsAndKeys:[NSNumber numberWithBool:YES], @"NSUseRemoteSavePanel", nil]);
+ [[NSUserDefaults standardUserDefaults] registerDefaults:defaults.get()];
+
return NPERR_NO_ERROR;
}
+NPError WKN_EnterSandbox(const char* readOnlyPaths[], const char* readWritePaths[])
+{
+ CString profile = ""
+ if (profile.isNull())
+ exit(EX_NOPERM);
+
+ return enterSandbox(profile.data(), readOnlyPaths, readWritePaths);
+}
+
NPError WKN_FileStopAccessing(const char* path)
{
if (!enteredSandbox)
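Review bot: `WKN_EnterSandbox` now runs the profile check and its `exit(EX_NOPERM)` before `enterSandbox` tests `enteredSandbox`, whereas the old code returned NPERR_GENERIC_ERROR first. A repeat call can therefore terminate the process where it used to return an error. Moving `if (enteredSandbox) return NPERR_GENERIC_ERROR;` to the top of the wrapper restores the old order. Since platformInitialize may already have entered a sandbox through initializeSandbox, a plug-in's own call would then get NPERR_GENERIC_ERROR and its readOnlyPaths/readWritePaths would never be applied, which deserves a comment on the wrapper. As rendered here, `CString profile = ""` has no terminator and an empty literal can never be null, so the initializer looks truncated by the page; if it is real, the `isNull()` guard is dead code.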