Diffstat (limited to 'dom')
-rw-r--r-- | dom/ipc/moz.build | 6 | ||||
-rw-r--r-- | dom/media/gmp/GMPProcessParent.cpp | 34 | ||||
-rw-r--r-- | dom/media/gmp/rlz/GMPDeviceBinding.cpp | 8 | ||||
-rw-r--r-- | dom/media/gmp/rlz/moz.build | 7 | ||||
-rw-r--r-- | dom/plugins/base/nsPluginTags.cpp | 19 | ||||
-rw-r--r-- | dom/plugins/ipc/PluginProcessChild.cpp | 10 | ||||
-rw-r--r-- | dom/plugins/ipc/PluginProcessParent.cpp | 85 | ||||
-rw-r--r-- | dom/plugins/ipc/moz.build | 6 |
8 files changed, 1 insertions, 174 deletions
diff --git a/dom/ipc/moz.build b/dom/ipc/moz.build index 1a0527dae..1dbe1fedb 100644 --- a/dom/ipc/moz.build +++ b/dom/ipc/moz.build @@ -140,12 +140,6 @@ LOCAL_INCLUDES += [ '/xpcom/threads', ] -if CONFIG['MOZ_SANDBOX'] and CONFIG['OS_ARCH'] == 'WINNT': - LOCAL_INCLUDES += [ - '/security/sandbox/chromium', - '/security/sandbox/chromium-shim', - ] - if CONFIG['OS_ARCH'] != 'WINNT': LOCAL_INCLUDES += [ '/modules/libjar', diff --git a/dom/media/gmp/GMPProcessParent.cpp b/dom/media/gmp/GMPProcessParent.cpp index 2fe7306a4..ef58175e8 100644 --- a/dom/media/gmp/GMPProcessParent.cpp +++ b/dom/media/gmp/GMPProcessParent.cpp @@ -8,9 +8,6 @@ #include "GMPUtils.h" #include "nsIFile.h" #include "nsIRunnable.h" -#if defined(XP_WIN) && defined(MOZ_SANDBOX) -#include "WinUtils.h" -#endif #include "base/string_util.h" #include "base/process_util.h" 
@@ -56,38 +53,7 @@ GMPProcessParent::Launch(int32_t aTimeoutMs) vector<string> args; -#if defined(XP_WIN) && defined(MOZ_SANDBOX) - std::wstring wGMPPath = UTF8ToWide(mGMPPath.c_str()); - - // The sandbox doesn't allow file system rules where the paths contain - // symbolic links or junction points. Sometimes the Users folder has been - // moved to another drive using a junction point, so allow for this specific - // case. See bug 1236680 for details. - if (!widget::WinUtils::ResolveJunctionPointsAndSymLinks(wGMPPath)) { - GMP_LOG("ResolveJunctionPointsAndSymLinks failed for GMP path=%S", - wGMPPath.c_str()); - NS_WARNING("ResolveJunctionPointsAndSymLinks failed for GMP path."); - return false; - } - GMP_LOG("GMPProcessParent::Launch() resolved path to %S", wGMPPath.c_str()); - - // If the GMP path is a network path that is not mapped to a drive letter, - // then we need to fix the path format for the sandbox rule. - wchar_t volPath[MAX_PATH]; - if (::GetVolumePathNameW(wGMPPath.c_str(), volPath, MAX_PATH) && - ::GetDriveTypeW(volPath) == DRIVE_REMOTE && - wGMPPath.compare(0, 2, L"\\\\") == 0) { - std::wstring sandboxGMPPath(wGMPPath); - sandboxGMPPath.insert(1, L"??\\UNC"); - mAllowedFilesRead.push_back(sandboxGMPPath + L"\\*"); - } else { - mAllowedFilesRead.push_back(wGMPPath + L"\\*"); - } - - args.push_back(WideToUTF8(wGMPPath)); -#else args.push_back(mGMPPath); -#endif args.push_back(string(voucherPath.BeginReading(), voucherPath.EndReading())); diff --git a/dom/media/gmp/rlz/GMPDeviceBinding.cpp b/dom/media/gmp/rlz/GMPDeviceBinding.cpp index c8aee2bcd..3525f0462 100644 --- a/dom/media/gmp/rlz/GMPDeviceBinding.cpp +++ b/dom/media/gmp/rlz/GMPDeviceBinding.cpp @@ -12,10 +12,6 @@ #ifdef XP_WIN #include "windows.h" -#ifdef MOZ_SANDBOX -#include <intrin.h> -#include <assert.h> -#endif #endif #if defined(HASH_NODE_ID_WITH_DEVICE_ID) 
@@ -35,10 +31,6 @@ #ifdef XP_WIN #include "windows.h" -#ifdef MOZ_SANDBOX -#include <intrin.h> -#include <assert.h> -#endif #endif #ifdef XP_MACOSX diff --git a/dom/media/gmp/rlz/moz.build b/dom/media/gmp/rlz/moz.build index f366c2b5d..5e85357f1 100644 --- a/dom/media/gmp/rlz/moz.build +++ b/dom/media/gmp/rlz/moz.build @@ -13,13 +13,6 @@ UNIFIED_SOURCES += [ 'GMPDeviceBinding.cpp', ] -if CONFIG['MOZ_SANDBOX'] and CONFIG['OS_TARGET'] in ['WINNT', 'Darwin']: - DEFINES['HASH_NODE_ID_WITH_DEVICE_ID'] = 1; - UNIFIED_SOURCES += [ - 'lib/string_utils.cc', - 'sha256.c', - ] - if CONFIG['OS_TARGET'] == 'WINNT': UNIFIED_SOURCES += [ 'win/lib/machine_id_win.cc', diff --git a/dom/plugins/base/nsPluginTags.cpp b/dom/plugins/base/nsPluginTags.cpp index ddc3968fd..216502b8a 100644 --- a/dom/plugins/base/nsPluginTags.cpp +++ b/dom/plugins/base/nsPluginTags.cpp @@ -427,24 +427,7 @@ void nsPluginTag::InitMime(const char* const* aMimeTypes, void nsPluginTag::InitSandboxLevel() { -#if defined(XP_WIN) && defined(MOZ_SANDBOX) - nsAutoCString sandboxPref("dom.ipc.plugins.sandbox-level."); - sandboxPref.Append(GetNiceFileName()); - if (NS_FAILED(Preferences::GetInt(sandboxPref.get(), &mSandboxLevel))) { - mSandboxLevel = Preferences::GetInt("dom.ipc.plugins.sandbox-level.default" -); - } - -#if defined(_AMD64_) - // As level 2 is now the default NPAPI sandbox level for 64-bit flash, we - // don't want to allow a lower setting unless this environment variable is - // set. This should be changed if the firefox.js pref file is changed. - if (mIsFlashPlugin && - !PR_GetEnv("MOZ_ALLOW_WEAKER_SANDBOX") && mSandboxLevel < 2) { - mSandboxLevel = 2; - } -#endif -#endif +/* STUB */ } #if !defined(XP_WIN) && !defined(XP_MACOSX) diff --git a/dom/plugins/ipc/PluginProcessChild.cpp b/dom/plugins/ipc/PluginProcessChild.cpp index eb698e8af..32bf06215 100644 --- a/dom/plugins/ipc/PluginProcessChild.cpp +++ b/dom/plugins/ipc/PluginProcessChild.cpp 
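Review bot: The `/* STUB */` body left in `nsPluginTag::InitSandboxLevel()` (nsPluginTags.cpp hunk) no longer assigns `mSandboxLevel` and does not say why, so the member keeps whatever value it had before the call; its initialisation is not visible in this hunk. The `PluginProcessParent::Launch` hunk later in this commit makes the `aSandboxLevel != 0` check unconditional, so if this member is what reaches `Launch`, any non-zero value would trip `MOZ_ASSERT` in debug builds. I would make the invariant explicit and record the security consequence in place of the stub comment, e.g. `mSandboxLevel = 0; // NPAPI sandbox support removed: plugin processes launch unsandboxed`. The removed block also enforced a minimum level of 2 for 64-bit Flash unless `MOZ_ALLOW_WEAKER_SANDBOX` was set, and the comment or commit description should say that this floor is gone.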
@@ -22,10 +22,6 @@ extern "C" CGError CGSSetDebugOptions(int options); #ifdef XP_WIN bool ShouldProtectPluginCurrentDirectory(char16ptr_t pluginFilePath); -#if defined(MOZ_SANDBOX) -#define TARGET_SANDBOX_EXPORTS -#include "mozilla/sandboxTarget.h" -#endif #endif using mozilla::ipc::IOThreadChild; @@ -107,12 +103,6 @@ PluginProcessChild::Init() pluginFilename = WideToUTF8(values[0]); -#if defined(MOZ_SANDBOX) - // This is probably the earliest we would want to start the sandbox. - // As we attempt to tighten the sandbox, we may need to consider moving this - // to later in the plugin initialization. - mozilla::SandboxTarget::Instance()->StartSandbox(); -#endif #else # error Sorry #endif diff --git a/dom/plugins/ipc/PluginProcessParent.cpp b/dom/plugins/ipc/PluginProcessParent.cpp index 2a73bce51..fb0e18246 100644 --- a/dom/plugins/ipc/PluginProcessParent.cpp +++ b/dom/plugins/ipc/PluginProcessParent.cpp @@ -14,10 +14,6 @@ #include "mozilla/Telemetry.h" #include "nsThreadUtils.h" -#if defined(XP_WIN) && defined(MOZ_SANDBOX) -#include "nsDirectoryServiceDefs.h" -#endif - using std::vector; using std::string; 
@@ -40,95 +36,14 @@ PluginProcessParent::~PluginProcessParent() { } -#if defined(XP_WIN) && defined(MOZ_SANDBOX) -static void -AddSandboxAllowedFile(vector<std::wstring>& aAllowedFiles, nsIProperties* aDirSvc, - const char* aDir, const nsAString& aSuffix = EmptyString()) -{ - nsCOMPtr<nsIFile> userDir; - nsresult rv = aDirSvc->Get(aDir, NS_GET_IID(nsIFile), getter_AddRefs(userDir)); - if (NS_WARN_IF(NS_FAILED(rv))) { - return; - } - - nsAutoString userDirPath; - rv = userDir->GetPath(userDirPath); - if (NS_WARN_IF(NS_FAILED(rv))) { - return; - } - - if (!aSuffix.IsEmpty()) { - userDirPath.Append(aSuffix); - } - aAllowedFiles.push_back(std::wstring(userDirPath.get())); - return; -} - -static void -AddSandboxAllowedFiles(int32_t aSandboxLevel, - vector<std::wstring>& aAllowedFilesRead, - vector<std::wstring>& aAllowedFilesReadWrite, - vector<std::wstring>& aAllowedDirectories) -{ - if (aSandboxLevel < 2) { - return; - } - - nsresult rv; - nsCOMPtr<nsIProperties> dirSvc = - do_GetService(NS_DIRECTORY_SERVICE_CONTRACTID, &rv); - if (NS_WARN_IF(NS_FAILED(rv))) { - return; - } - - // Higher than level 2 currently removes the users own rights. - if (aSandboxLevel > 2) { - AddSandboxAllowedFile(aAllowedFilesRead, dirSvc, NS_WIN_HOME_DIR); - AddSandboxAllowedFile(aAllowedFilesRead, dirSvc, NS_WIN_HOME_DIR, - NS_LITERAL_STRING("\\*")); - } - - // Level 2 and above is now using low integrity, so we need to give write - // access to the Flash directories. - // This should be made Flash specific (Bug 1171396). 
- AddSandboxAllowedFile(aAllowedFilesReadWrite, dirSvc, NS_WIN_APPDATA_DIR, - NS_LITERAL_STRING("\\Macromedia\\Flash Player\\*")); - AddSandboxAllowedFile(aAllowedFilesReadWrite, dirSvc, NS_WIN_LOCAL_APPDATA_DIR, - NS_LITERAL_STRING("\\Macromedia\\Flash Player\\*")); - AddSandboxAllowedFile(aAllowedFilesReadWrite, dirSvc, NS_WIN_APPDATA_DIR, - NS_LITERAL_STRING("\\Adobe\\Flash Player\\*")); - - // Access also has to be given to create the parent directories as they may - // not exist. - AddSandboxAllowedFile(aAllowedDirectories, dirSvc, NS_WIN_APPDATA_DIR, - NS_LITERAL_STRING("\\Macromedia")); - AddSandboxAllowedFile(aAllowedDirectories, dirSvc, NS_WIN_APPDATA_DIR, - NS_LITERAL_STRING("\\Macromedia\\Flash Player")); - AddSandboxAllowedFile(aAllowedDirectories, dirSvc, NS_WIN_LOCAL_APPDATA_DIR, - NS_LITERAL_STRING("\\Macromedia")); - AddSandboxAllowedFile(aAllowedDirectories, dirSvc, NS_WIN_LOCAL_APPDATA_DIR, - NS_LITERAL_STRING("\\Macromedia\\Flash Player")); - AddSandboxAllowedFile(aAllowedDirectories, dirSvc, NS_WIN_APPDATA_DIR, - NS_LITERAL_STRING("\\Adobe")); - AddSandboxAllowedFile(aAllowedDirectories, dirSvc, NS_WIN_APPDATA_DIR, - NS_LITERAL_STRING("\\Adobe\\Flash Player")); -} -#endif - bool PluginProcessParent::Launch(mozilla::UniquePtr<LaunchCompleteTask> aLaunchCompleteTask, int32_t aSandboxLevel) { -#if defined(XP_WIN) && defined(MOZ_SANDBOX) - mSandboxLevel = aSandboxLevel; - AddSandboxAllowedFiles(mSandboxLevel, mAllowedFilesRead, - mAllowedFilesReadWrite, mAllowedDirectories); -#else if (aSandboxLevel != 0) { MOZ_ASSERT(false, "Can't enable an NPAPI process sandbox for platform/build."); } -#endif ProcessArchitecture currentArchitecture = base::GetCurrentProcessArchitecture(); uint32_t containerArchitectures = GetSupportedArchitecturesForProcessType(GeckoProcessType_Plugin); diff --git a/dom/plugins/ipc/moz.build b/dom/plugins/ipc/moz.build index b569aeb4c..15ed6410d 100644 --- a/dom/plugins/ipc/moz.build +++ b/dom/plugins/ipc/moz.build 
@@ -125,12 +125,6 @@ LOCAL_INCLUDES += [ '/xpcom/base/', ] -if CONFIG['MOZ_SANDBOX'] and CONFIG['OS_ARCH'] == 'WINNT': - LOCAL_INCLUDES += [ - '/security/sandbox/chromium', - '/security/sandbox/chromium-shim', - ] - DEFINES['FORCE_PR_LOG'] = True if CONFIG['MOZ_WIDGET_TOOLKIT'] != 'gtk3': |