From 755e1020782fb42863e97d58a3e44d2eca760bb0 Mon Sep 17 00:00:00 2001 From: wolfbeast Date: Wed, 2 May 2018 21:58:04 +0200 Subject: Remove content process sandbox code. --- dom/ipc/ContentProcess.cpp | 113 --------------------------------------------- 1 file changed, 113 deletions(-) (limited to 'dom/ipc/ContentProcess.cpp') diff --git a/dom/ipc/ContentProcess.cpp b/dom/ipc/ContentProcess.cpp index 2413d8808..986617f55 100644 --- a/dom/ipc/ContentProcess.cpp +++ b/dom/ipc/ContentProcess.cpp @@ -8,122 +8,17 @@ #include "ContentProcess.h" -#if defined(XP_MACOSX) && defined(MOZ_CONTENT_SANDBOX) -#include -#endif - -#if (defined(XP_WIN) || defined(XP_MACOSX)) && defined(MOZ_CONTENT_SANDBOX) -#include "mozilla/Preferences.h" -#include "nsAppDirectoryServiceDefs.h" -#include "nsDirectoryService.h" -#include "nsDirectoryServiceDefs.h" -#endif - using mozilla::ipc::IOThreadChild; namespace mozilla { namespace dom { -#if defined(XP_WIN) && defined(MOZ_CONTENT_SANDBOX) -static bool -IsSandboxTempDirRequired() -{ - // On Windows, a sandbox-writable temp directory is only used - // when sandbox pref level >= 1. - return Preferences::GetInt("security.sandbox.content.level") >= 1; -} - -static void -SetTmpEnvironmentVariable(nsIFile* aValue) -{ - // Save the TMP environment variable so that is is picked up by GetTempPath(). - // Note that we specifically write to the TMP variable, as that is the first - // variable that is checked by GetTempPath() to determine its output. - nsAutoString fullTmpPath; - nsresult rv = aValue->GetPath(fullTmpPath); - if (NS_WARN_IF(NS_FAILED(rv))) { - return; - } - Unused << NS_WARN_IF(!SetEnvironmentVariableW(L"TMP", fullTmpPath.get())); - // We also set TEMP in case there is naughty third-party code that is - // referencing the environment variable directly. - Unused << NS_WARN_IF(!SetEnvironmentVariableW(L"TEMP", fullTmpPath.get())); -} -#endif - -#if defined(XP_MACOSX) && defined(MOZ_CONTENT_SANDBOX) -static bool -IsSandboxTempDirRequired() -{ - // On OSX, use the sandbox-writable temp when the pref level >= 1. - return (Preferences::GetInt("security.sandbox.content.level") >= 1); -} - -static void -SetTmpEnvironmentVariable(nsIFile* aValue) -{ - nsAutoCString fullTmpPath; - nsresult rv = aValue->GetNativePath(fullTmpPath); - if (NS_WARN_IF(NS_FAILED(rv))) { - return; - } - Unused << NS_WARN_IF(setenv("TMPDIR", fullTmpPath.get(), 1) != 0); -} -#endif - -#if (defined(XP_WIN) || defined(XP_MACOSX)) && defined(MOZ_CONTENT_SANDBOX) -static void -SetUpSandboxEnvironment() -{ - MOZ_ASSERT(nsDirectoryService::gService, - "SetUpSandboxEnvironment relies on nsDirectoryService being initialized"); - - if (!IsSandboxTempDirRequired()) { - return; - } - - nsCOMPtr sandboxedContentTemp; - nsresult rv = - nsDirectoryService::gService->Get(NS_APP_CONTENT_PROCESS_TEMP_DIR, - NS_GET_IID(nsIFile), - getter_AddRefs(sandboxedContentTemp)); - if (NS_WARN_IF(NS_FAILED(rv))) { - return; - } - - // Change the gecko defined temp directory to our sandbox-writable one. - // Undefine returns a failure if the property is not already set. - Unused << nsDirectoryService::gService->Undefine(NS_OS_TEMP_DIR); - rv = nsDirectoryService::gService->Set(NS_OS_TEMP_DIR, sandboxedContentTemp); - if (NS_WARN_IF(NS_FAILED(rv))) { - return; - } - - SetTmpEnvironmentVariable(sandboxedContentTemp); -} -#endif - void ContentProcess::SetAppDir(const nsACString& aPath) { mXREEmbed.SetAppDir(aPath); } -#if defined(XP_MACOSX) && defined(MOZ_CONTENT_SANDBOX) -void -ContentProcess::SetProfile(const nsACString& aProfile) -{ - bool flag; - nsresult rv = - XRE_GetFileFromPath(aProfile.BeginReading(), getter_AddRefs(mProfileDir)); - if (NS_FAILED(rv) || - NS_FAILED(mProfileDir->Exists(&flag)) || !flag) { - NS_WARNING("Invalid profile directory passed to content process."); - mProfileDir = nullptr; - } -} -#endif - bool ContentProcess::Init() { @@ -134,14 +29,6 @@ ContentProcess::Init() mContent.InitXPCOM(); mContent.InitGraphicsDeviceData(); -#if (defined(XP_MACOSX)) && defined(MOZ_CONTENT_SANDBOX) - mContent.SetProfileDir(mProfileDir); -#endif - -#if (defined(XP_WIN) || defined(XP_MACOSX)) && defined(MOZ_CONTENT_SANDBOX) - SetUpSandboxEnvironment(); -#endif - return true; } -- cgit v1.2.3