Differences From Artifact [814bcfc2f4]:
- File src/OFSandbox.h — part of check-in [648522a4e6] at 2018-11-04 16:24:41 on branch trunk — OFSandbox: Add support for unveil() (user: js, size: 6900) [annotate] [blame] [check-ins using]
To Artifact [572224ada5]:
- File
src/OFSandbox.h
— part of check-in
[8af3eedb02]
at
2018-11-11 22:16:10
on branch trunk
— OFSandbox: Avoid unveiling already unveiled paths
When changing and activating a sandbox again, do not unveil paths that
have already been unveiled by the previous activation. (user: js, size: 6937) [annotate] [blame] [check-ins using]
| ︙ | ︙ | |||
65 66 67 68 69 70 71 72 73 74 75 76 77 78 | unsigned int _allowsChangingProcessRights: 1; unsigned int _allowsPF: 1; unsigned int _allowsAudio: 1; unsigned int _allowsBPF: 1; unsigned int _allowsUnveil: 1; unsigned int _returnsErrors: 1; OFMutableArray OF_GENERIC(of_sandbox_unveil_path_t) *_unveiledPaths; } /*! * @brief Allows IO operations on previously allocated file descriptors. */ @property (nonatomic) bool allowsStdIO; | > > | 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 | unsigned int _allowsChangingProcessRights: 1; unsigned int _allowsPF: 1; unsigned int _allowsAudio: 1; unsigned int _allowsBPF: 1; unsigned int _allowsUnveil: 1; unsigned int _returnsErrors: 1; OFMutableArray OF_GENERIC(of_sandbox_unveil_path_t) *_unveiledPaths; @public size_t _unveiledPathsIndex; } /*! * @brief Allows IO operations on previously allocated file descriptors. */ @property (nonatomic) bool allowsStdIO; |
| ︙ | ︙ |