Differences From Artifact [517256bc85]:
- File
src/OFApplication.m
— part of check-in
[8af3eedb02]
at
2018-11-11 22:16:10
on branch trunk
— OFSandbox: Avoid unveiling already unveiled paths
When changing and activating a sandbox again, do not unveil paths that
have already been unveiled by the previous activation. (user: js, size: 14649)
To Artifact [bd6d38d7b4]:
- File
src/OFApplication.m
— part of check-in
[e0c2e70f7b]
at
2018-11-11 22:30:21
on branch trunk
— OFApplication: Disallow using a different sandbox
While the active sandbox can be changed, a different sandbox must not be
activated. The reason is that allowing a different sandbox to be
activated would make it impossible to track which paths have already been
unveiled. (user: js, size: 14794)
︙ | ︙ | |||
591 592 593 594 595 596 597 | #ifdef OF_HAVE_SANDBOX - (void)activateSandbox: (OFSandbox *)sandbox { # ifdef OF_HAVE_PLEDGE void *pool = objc_autoreleasePoolPush(); of_string_encoding_t encoding = [OFLocale encoding]; | < < > | > > > > | | < | | | > > > > | | < | 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 | #ifdef OF_HAVE_SANDBOX - (void)activateSandbox: (OFSandbox *)sandbox { # ifdef OF_HAVE_PLEDGE void *pool = objc_autoreleasePoolPush(); of_string_encoding_t encoding = [OFLocale encoding]; OFArray OF_GENERIC(of_sandbox_unveil_path_t) *unveiledPaths; size_t unveiledPathsCount; const char *promises; if (_activeSandbox != nil && sandbox != _activeSandbox) @throw [OFInvalidArgumentException exception]; unveiledPaths = [sandbox unveiledPaths]; unveiledPathsCount = [unveiledPaths count]; for (size_t i = sandbox->_unveiledPathsIndex; i < unveiledPathsCount; i++) { of_sandbox_unveil_path_t unveiledPath = [unveiledPaths objectAtIndex: i]; OFString *path = [unveiledPath firstObject]; OFString *permissions = [unveiledPath secondObject]; if (path == nil || permissions == nil) @throw [OFInvalidArgumentException exception]; unveil([path cStringWithEncoding: encoding], [permissions cStringWithEncoding: encoding]); } sandbox->_unveiledPathsIndex = unveiledPathsCount; promises = [[sandbox pledgeString] cStringWithEncoding: encoding]; if (pledge(promises, NULL) != 0) @throw [OFSandboxActivationFailedException exceptionWithSandbox: sandbox errNo: errno]; objc_autoreleasePoolPop(pool); if (_activeSandbox == nil) _activeSandbox = [sandbox retain]; # endif } - (void)activateSandboxForExecdProcesses: (OFSandbox *)sandbox { # ifdef OF_HAVE_PLEDGE void *pool = objc_autoreleasePoolPush(); const char *promises; if (_activeExecSandbox != 
nil && sandbox != _activeExecSandbox) @throw [OFInvalidArgumentException exception]; if ([[sandbox unveiledPaths] count] != 0) @throw [OFInvalidArgumentException exception]; promises = [[sandbox pledgeString] cStringWithEncoding: [OFLocale encoding]]; if (pledge(NULL, promises) != 0) @throw [OFSandboxActivationFailedException exceptionWithSandbox: sandbox errNo: errno]; objc_autoreleasePoolPop(pool); if (_activeExecSandbox == nil) _activeExecSandbox = [sandbox retain]; # endif } #endif @end |
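Review bot: The return value of `unveil()` in the loop of activateSandbox: is ignored, so a failed call is indistinguishable from a successful one and activation carries on to `pledge()`. That matters most when every call fails: on OpenBSD the filesystem is only restricted once an unveil() call succeeds, so the process would end up pledged but with the whole filesystem still visible and no error reported. `sandbox->_unveiledPathsIndex = unveiledPathsCount;` is also assigned unconditionally after the loop, so a later activation of the same sandbox will not retry the paths that failed. I would fail closed the same way the pledge() call below does: `if (unveil([path cStringWithEncoding: encoding], [permissions cStringWithEncoding: encoding]) != 0) @throw [OFSandboxActivationFailedException exceptionWithSandbox: sandbox errNo: errno];`. The old side of this section is only partly visible here, so the unchecked call may predate this check-in.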