summaryrefslogtreecommitdiffstats
path: root/dom/ipc/ContentChild.cpp
diff options
context:
space:
mode:
authorMoonchild <mcwerewolf@gmail.com>2018-05-04 09:09:10 +0200
committerGitHub <noreply@github.com>2018-05-04 09:09:10 +0200
commit4a2aeb152e48c44efa57c140660e99792f4dd350 (patch)
tree7b786de2b175122814a53232268b1147a8bd0bfb /dom/ipc/ContentChild.cpp
parent20532e13937ab5fc8efcb2bfc4c0070dace40cd1 (diff)
parentf265784e8cabaff17f4554cf2bd2c30217b6ec0f (diff)
downloadUXP-4a2aeb152e48c44efa57c140660e99792f4dd350.tar
UXP-4a2aeb152e48c44efa57c140660e99792f4dd350.tar.gz
UXP-4a2aeb152e48c44efa57c140660e99792f4dd350.tar.lz
UXP-4a2aeb152e48c44efa57c140660e99792f4dd350.tar.xz
UXP-4a2aeb152e48c44efa57c140660e99792f4dd350.zip
Merge pull request #323 from MoonchildProductions/nuke-sandbox
Nuke sandbox
Diffstat (limited to 'dom/ipc/ContentChild.cpp')
-rw-r--r--dom/ipc/ContentChild.cpp196
1 files changed, 0 insertions, 196 deletions
diff --git a/dom/ipc/ContentChild.cpp b/dom/ipc/ContentChild.cpp
index 75678ca96..d7068c6c3 100644
--- a/dom/ipc/ContentChild.cpp
+++ b/dom/ipc/ContentChild.cpp
@@ -65,21 +65,6 @@
#include "imgLoader.h"
#include "GMPServiceChild.h"
-#if defined(MOZ_CONTENT_SANDBOX)
-#if defined(XP_WIN)
-#define TARGET_SANDBOX_EXPORTS
-#include "mozilla/sandboxTarget.h"
-#elif defined(XP_LINUX)
-#include "mozilla/Sandbox.h"
-#include "mozilla/SandboxInfo.h"
-
-// Remove this include with Bug 1104619
-#include "CubebUtils.h"
-#elif defined(XP_MACOSX)
-#include "mozilla/Sandbox.h"
-#endif
-#endif
-
#include "mozilla/Unused.h"
#include "mozInlineSpellChecker.h"
@@ -1250,192 +1235,11 @@ ContentChild::AllocPProcessHangMonitorChild(Transport* aTransport,
return CreateHangMonitorChild(aTransport, aOtherProcess);
}
-#if defined(XP_MACOSX) && defined(MOZ_CONTENT_SANDBOX)
-
-#include <stdlib.h>
-
-static bool
-GetAppPaths(nsCString &aAppPath, nsCString &aAppBinaryPath, nsCString &aAppDir)
-{
- nsAutoCString appPath;
- nsAutoCString appBinaryPath(
- (CommandLine::ForCurrentProcess()->argv()[0]).c_str());
-
- nsAutoCString::const_iterator start, end;
- appBinaryPath.BeginReading(start);
- appBinaryPath.EndReading(end);
- if (RFindInReadable(NS_LITERAL_CSTRING(".app/Contents/MacOS/"), start, end)) {
- end = start;
- ++end; ++end; ++end; ++end;
- appBinaryPath.BeginReading(start);
- appPath.Assign(Substring(start, end));
- } else {
- return false;
- }
-
- nsCOMPtr<nsIFile> app, appBinary;
- nsresult rv = NS_NewLocalFile(NS_ConvertUTF8toUTF16(appPath),
- true, getter_AddRefs(app));
- if (NS_FAILED(rv)) {
- return false;
- }
- rv = NS_NewLocalFile(NS_ConvertUTF8toUTF16(appBinaryPath),
- true, getter_AddRefs(appBinary));
- if (NS_FAILED(rv)) {
- return false;
- }
-
- nsCOMPtr<nsIFile> appDir;
- nsCOMPtr<nsIProperties> dirSvc =
- do_GetService(NS_DIRECTORY_SERVICE_CONTRACTID);
- if (!dirSvc) {
- return false;
- }
- rv = dirSvc->Get(NS_XPCOM_CURRENT_PROCESS_DIR,
- NS_GET_IID(nsIFile), getter_AddRefs(appDir));
- if (NS_FAILED(rv)) {
- return false;
- }
- bool exists;
- rv = appDir->Exists(&exists);
- if (NS_FAILED(rv) || !exists) {
- return false;
- }
-
- bool isLink;
- app->IsSymlink(&isLink);
- if (isLink) {
- app->GetNativeTarget(aAppPath);
- } else {
- app->GetNativePath(aAppPath);
- }
- appBinary->IsSymlink(&isLink);
- if (isLink) {
- appBinary->GetNativeTarget(aAppBinaryPath);
- } else {
- appBinary->GetNativePath(aAppBinaryPath);
- }
- appDir->IsSymlink(&isLink);
- if (isLink) {
- appDir->GetNativeTarget(aAppDir);
- } else {
- appDir->GetNativePath(aAppDir);
- }
-
- return true;
-}
-
-static bool
-StartMacOSContentSandbox()
-{
- int sandboxLevel = Preferences::GetInt("security.sandbox.content.level");
- if (sandboxLevel < 1) {
- return false;
- }
-
- nsAutoCString appPath, appBinaryPath, appDir;
- if (!GetAppPaths(appPath, appBinaryPath, appDir)) {
- MOZ_CRASH("Error resolving child process path");
- }
-
- // During sandboxed content process startup, before reaching
- // this point, NS_OS_TEMP_DIR is modified to refer to a sandbox-
- // writable temporary directory
- nsCOMPtr<nsIFile> tempDir;
- nsresult rv = nsDirectoryService::gService->Get(NS_OS_TEMP_DIR,
- NS_GET_IID(nsIFile), getter_AddRefs(tempDir));
- if (NS_FAILED(rv)) {
- MOZ_CRASH("Failed to get NS_OS_TEMP_DIR");
- }
-
- nsAutoCString tempDirPath;
- tempDir->Normalize();
- rv = tempDir->GetNativePath(tempDirPath);
- if (NS_FAILED(rv)) {
- MOZ_CRASH("Failed to get NS_OS_TEMP_DIR path");
- }
-
- nsCOMPtr<nsIFile> profileDir;
- ContentChild::GetSingleton()->GetProfileDir(getter_AddRefs(profileDir));
- nsCString profileDirPath;
- if (profileDir) {
- rv = profileDir->GetNativePath(profileDirPath);
- if (NS_FAILED(rv) || profileDirPath.IsEmpty()) {
- MOZ_CRASH("Failed to get profile path");
- }
- }
-
- MacSandboxInfo info;
- info.type = MacSandboxType_Content;
- info.level = info.level = sandboxLevel;
- info.appPath.assign(appPath.get());
- info.appBinaryPath.assign(appBinaryPath.get());
- info.appDir.assign(appDir.get());
- info.appTempDir.assign(tempDirPath.get());
-
- if (profileDir) {
- info.hasSandboxedProfile = true;
- info.profileDir.assign(profileDirPath.get());
- } else {
- info.hasSandboxedProfile = false;
- }
-
- std::string err;
- if (!mozilla::StartMacSandbox(info, err)) {
- NS_WARNING(err.c_str());
- MOZ_CRASH("sandbox_init() failed");
- }
-
- return true;
-}
-#endif
-
bool
ContentChild::RecvSetProcessSandbox(const MaybeFileDesc& aBroker)
{
// We may want to move the sandbox initialization somewhere else
// at some point; see bug 880808.
-#if defined(MOZ_CONTENT_SANDBOX)
- bool sandboxEnabled = true;
-#if defined(XP_LINUX)
-#if defined(MOZ_WIDGET_GONK) && ANDROID_VERSION >= 19
- // For B2G >= KitKat, sandboxing is mandatory; this has already
- // been enforced by ContentParent::StartUp().
- MOZ_ASSERT(SandboxInfo::Get().CanSandboxContent());
-#else
- // Otherwise, sandboxing is best-effort.
- if (!SandboxInfo::Get().CanSandboxContent()) {
- sandboxEnabled = false;
- } else {
- // This triggers the initialization of cubeb, which needs to happen
- // before seccomp is enabled (Bug 1259508). It also increases the startup
- // time of the content process, because cubeb is usually initialized
- // when it is actually needed. This call here is no longer required
- // once Bug 1104619 (remoting audio) is resolved.
- Unused << CubebUtils::GetCubebContext();
- }
-
-#endif /* MOZ_WIDGET_GONK && ANDROID_VERSION >= 19 */
- if (sandboxEnabled) {
- int brokerFd = -1;
- if (aBroker.type() == MaybeFileDesc::TFileDescriptor) {
- auto fd = aBroker.get_FileDescriptor().ClonePlatformHandle();
- brokerFd = fd.release();
- // brokerFd < 0 means to allow direct filesystem access, so
- // make absolutely sure that doesn't happen if the parent
- // didn't intend it.
- MOZ_RELEASE_ASSERT(brokerFd >= 0);
- }
- sandboxEnabled = SetContentProcessSandbox(brokerFd);
- }
-#elif defined(XP_WIN)
- mozilla::SandboxTarget::Instance()->StartSandbox();
-#elif defined(XP_MACOSX)
- sandboxEnabled = StartMacOSContentSandbox();
-#endif
-
-#endif /* MOZ_CONTENT_SANDBOX */
-
return true;
}