diff options
author | Moonchild <mcwerewolf@gmail.com> | 2018-05-04 09:09:10 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-05-04 09:09:10 +0200 |
commit | 4a2aeb152e48c44efa57c140660e99792f4dd350 (patch) | |
tree | 7b786de2b175122814a53232268b1147a8bd0bfb /ipc/contentproc | |
parent | 20532e13937ab5fc8efcb2bfc4c0070dace40cd1 (diff) | |
parent | f265784e8cabaff17f4554cf2bd2c30217b6ec0f (diff) | |
download | UXP-4a2aeb152e48c44efa57c140660e99792f4dd350.tar UXP-4a2aeb152e48c44efa57c140660e99792f4dd350.tar.gz UXP-4a2aeb152e48c44efa57c140660e99792f4dd350.tar.lz UXP-4a2aeb152e48c44efa57c140660e99792f4dd350.tar.xz UXP-4a2aeb152e48c44efa57c140660e99792f4dd350.zip |
Merge pull request #323 from MoonchildProductions/nuke-sandbox
Nuke sandbox
Diffstat (limited to 'ipc/contentproc')
-rw-r--r-- | ipc/contentproc/moz.build | 5 | ||||
-rw-r--r-- | ipc/contentproc/plugin-container.cpp | 92 |
2 files changed, 0 insertions, 97 deletions
diff --git a/ipc/contentproc/moz.build b/ipc/contentproc/moz.build index 07cf0b97c..f9ded56ec 100644 --- a/ipc/contentproc/moz.build +++ b/ipc/contentproc/moz.build @@ -18,8 +18,3 @@ if CONFIG['OS_ARCH'] == 'WINNT': '/xpcom/base', ] -if CONFIG['MOZ_SANDBOX'] and CONFIG['OS_ARCH'] == 'WINNT': - LOCAL_INCLUDES += [ - '/security/sandbox/chromium', - '/security/sandbox/chromium-shim', - ] diff --git a/ipc/contentproc/plugin-container.cpp b/ipc/contentproc/plugin-container.cpp index f293889b0..6a9341d7f 100644 --- a/ipc/contentproc/plugin-container.cpp +++ b/ipc/contentproc/plugin-container.cpp @@ -22,16 +22,6 @@ #include "GMPLoader.h" -#if defined(XP_WIN) && defined(MOZ_SANDBOX) -#include "mozilla/sandboxing/SandboxInitialization.h" -#include "mozilla/sandboxing/sandboxLogging.h" -#endif - -#if defined(XP_LINUX) && defined(MOZ_GMP_SANDBOX) -#include "mozilla/Sandbox.h" -#include "mozilla/SandboxInfo.h" -#endif - #ifdef MOZ_WIDGET_GONK # include <sys/time.h> # include <sys/resource.h> @@ -49,10 +39,6 @@ "Gecko:MozillaRntimeMain", __VA_ARGS__)) \ : (void)0 ) -# ifdef MOZ_CONTENT_SANDBOX -# include "mozilla/Sandbox.h" -# endif - #endif // MOZ_WIDGET_GONK #ifdef MOZ_WIDGET_GONK @@ -71,69 +57,10 @@ InitializeBinder(void *aDummy) { } #endif -#if defined(XP_WIN) && defined(MOZ_SANDBOX) -class WinSandboxStarter : public mozilla::gmp::SandboxStarter { -public: - virtual bool Start(const char *aLibPath) override { - if (IsSandboxedProcess()) { - mozilla::sandboxing::LowerSandbox(); - } - return true; - } -}; -#endif - -#if defined(XP_LINUX) && defined(MOZ_GMP_SANDBOX) -class LinuxSandboxStarter : public mozilla::gmp::SandboxStarter { - LinuxSandboxStarter() { } -public: - static SandboxStarter* Make() { - if (mozilla::SandboxInfo::Get().CanSandboxMedia()) { - return new LinuxSandboxStarter(); - } else { - // Sandboxing isn't possible, but the parent has already - // checked that this plugin doesn't require it. (Bug 1074561) - return nullptr; - } - } - virtual bool Start(const char *aLibPath) override { - mozilla::SetMediaPluginSandbox(aLibPath); - return true; - } -}; -#endif - -#if defined(XP_MACOSX) && defined(MOZ_GMP_SANDBOX) -class MacSandboxStarter : public mozilla::gmp::SandboxStarter { -public: - virtual bool Start(const char *aLibPath) override { - std::string err; - bool rv = mozilla::StartMacSandbox(mInfo, err); - if (!rv) { - fprintf(stderr, "sandbox_init() failed! Error \"%s\"\n", err.c_str()); - } - return rv; - } - virtual void SetSandboxInfo(MacSandboxInfo* aSandboxInfo) override { - mInfo = *aSandboxInfo; - } -private: - MacSandboxInfo mInfo; -}; -#endif - mozilla::gmp::SandboxStarter* MakeSandboxStarter() { -#if defined(XP_WIN) && defined(MOZ_SANDBOX) - return new WinSandboxStarter(); -#elif defined(XP_LINUX) && defined(MOZ_GMP_SANDBOX) - return LinuxSandboxStarter::Make(); -#elif defined(XP_MACOSX) && defined(MOZ_GMP_SANDBOX) - return new MacSandboxStarter(); -#else return nullptr; -#endif } int @@ -147,27 +74,8 @@ content_process_main(int argc, char* argv[]) XREChildData childData; -#if defined(XP_WIN) && defined(MOZ_SANDBOX) - if (IsSandboxedProcess()) { - childData.sandboxTargetServices = - mozilla::sandboxing::GetInitializedTargetServices(); - if (!childData.sandboxTargetServices) { - return 1; - } - - childData.ProvideLogFunction = mozilla::sandboxing::ProvideLogFunction; - } -#endif - XRE_SetProcessType(argv[--argc]); -#if defined(XP_LINUX) && defined(MOZ_SANDBOX) - // This has to happen while we're still single-threaded, and on - // B2G that means before the Android Binder library is - // initialized. - mozilla::SandboxEarlyInit(XRE_GetProcessType()); -#endif - #ifdef MOZ_WIDGET_GONK // This creates a ThreadPool for binder ipc. A ThreadPool is necessary to // receive binder calls, though not necessary to send binder calls. |