From 755e1020782fb42863e97d58a3e44d2eca760bb0 Mon Sep 17 00:00:00 2001 From: wolfbeast Date: Wed, 2 May 2018 21:58:04 +0200 Subject: Remove content process sandbox code. --- ipc/contentproc/plugin-container.cpp | 4 ---- ipc/glue/GeckoChildProcessHost.cpp | 38 ------------------------------------ ipc/mscom/InterceptorLog.cpp | 5 ----- 3 files changed, 47 deletions(-) (limited to 'ipc') diff --git a/ipc/contentproc/plugin-container.cpp b/ipc/contentproc/plugin-container.cpp index f293889b0..2383681d1 100644 --- a/ipc/contentproc/plugin-container.cpp +++ b/ipc/contentproc/plugin-container.cpp @@ -49,10 +49,6 @@ "Gecko:MozillaRntimeMain", __VA_ARGS__)) \ : (void)0 ) -# ifdef MOZ_CONTENT_SANDBOX -# include "mozilla/Sandbox.h" -# endif - #endif // MOZ_WIDGET_GONK #ifdef MOZ_WIDGET_GONK diff --git a/ipc/glue/GeckoChildProcessHost.cpp b/ipc/glue/GeckoChildProcessHost.cpp index db8ab3d0a..fc376d703 100644 --- a/ipc/glue/GeckoChildProcessHost.cpp +++ b/ipc/glue/GeckoChildProcessHost.cpp @@ -23,10 +23,6 @@ #include "prenv.h" #include "nsXPCOMPrivate.h" -#if defined(XP_MACOSX) && defined(MOZ_CONTENT_SANDBOX) -#include "nsAppDirectoryServiceDefs.h" -#endif - #include "nsExceptionHandler.h" #include "nsDirectoryServiceDefs.h" @@ -312,15 +308,6 @@ GeckoChildProcessHost::PrepareLaunch() InitWindowsGroupID(); } -#if defined(MOZ_CONTENT_SANDBOX) - // We need to get the pref here as the process is launched off main thread. - if (mProcessType == GeckoProcessType_Content) { - mSandboxLevel = Preferences::GetInt("security.sandbox.content.level"); - mEnableSandboxLogging = - Preferences::GetBool("security.sandbox.windows.log"); - } -#endif - #if defined(MOZ_SANDBOX) // For other process types we can't rely on them being launched on main // thread and they may not have access to prefs in the child process, so allow @@ -608,20 +595,6 @@ AddAppDirToCommandLine(std::vector& aCmdLine) aCmdLine.push_back(path.get()); #endif } - -#if defined(XP_MACOSX) && defined(MOZ_CONTENT_SANDBOX) - // Full path to the profile dir - nsCOMPtr profileDir; - rv = directoryService->Get(NS_APP_USER_PROFILE_50_DIR, - NS_GET_IID(nsIFile), - getter_AddRefs(profileDir)); - if (NS_SUCCEEDED(rv)) { - nsAutoCString path; - MOZ_ALWAYS_SUCCEEDS(profileDir->GetNativePath(path)); - aCmdLine.push_back("-profile"); - aCmdLine.push_back(path.get()); - } -#endif } } } @@ -1029,17 +1002,6 @@ GeckoChildProcessHost::PerformAsyncLaunchInternal(std::vector& aExt // of reorganizing so I don't think this patch is the right time. switch (mProcessType) { case GeckoProcessType_Content: -#if defined(MOZ_CONTENT_SANDBOX) - if (mSandboxLevel > 0 && - !PR_GetEnv("MOZ_DISABLE_CONTENT_SANDBOX")) { - // For now we treat every failure as fatal in SetSecurityLevelForContentProcess - // and just crash there right away. Should this change in the future then we - // should also handle the error here. - mSandboxBroker.SetSecurityLevelForContentProcess(mSandboxLevel); - shouldSandboxCurrentProcess = true; - AddContentSandboxAllowedFiles(mSandboxLevel, mAllowedFilesRead); - } -#endif // MOZ_CONTENT_SANDBOX break; case GeckoProcessType_Plugin: if (mSandboxLevel > 0 && diff --git a/ipc/mscom/InterceptorLog.cpp b/ipc/mscom/InterceptorLog.cpp index c2cd3c7df..3f3dc3f34 100644 --- a/ipc/mscom/InterceptorLog.cpp +++ b/ipc/mscom/InterceptorLog.cpp @@ -98,13 +98,8 @@ Logger::Logger(const nsACString& aLeafBaseName) rv = NS_GetSpecialDirectory(NS_OS_TEMP_DIR, getter_AddRefs(logFileName)); } else if (procType == GeckoProcessType_Content) { leafName.AppendLiteral("-Content-"); -#if defined(MOZ_CONTENT_SANDBOX) - rv = NS_GetSpecialDirectory(NS_APP_CONTENT_PROCESS_TEMP_DIR, - getter_AddRefs(logFileName)); -#else rv = NS_GetSpecialDirectory(NS_OS_TEMP_DIR, getter_AddRefs(logFileName)); -#endif // defined(MOZ_CONTENT_SANDBOX) } else { return; } -- cgit v1.2.3