| ︙ | | | ︙ | |
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
* LICENSE.GPLv2 or LICENSE.GPLv3 respectively included in the packaging of this
* file.
*/
#include "config.h"
#import "OFSandbox.h"
#import "OFString.h"
#import "OFArray.h"
@implementation OFSandbox
+ (instancetype)sandbox
{
return [[[self alloc] init] autorelease];
}
- (void)setAllowsStdIO: (bool)allowsStdIO
{
_allowsStdIO = allowsStdIO;
}
- (bool)allowsStdIO
|
|
|
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
|
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
* LICENSE.GPLv2 or LICENSE.GPLv3 respectively included in the packaging of this
* file.
*/
#include "config.h"
#import "OFSandbox.h"
#import "OFArray.h"
#import "OFPair.h"
#import "OFString.h"
@implementation OFSandbox
@synthesize unveiledPaths = _unveiledPaths;
+ (instancetype)sandbox
{
return [[[self alloc] init] autorelease];
}
- (instancetype)init
{
self = [super init];
@try {
_unveiledPaths = [[OFMutableArray alloc] init];
} @catch (id e) {
[self release];
@throw e;
}
return self;
}
- (void)dealloc
{
[_unveiledPaths release];
[super dealloc];
}
- (void)setAllowsStdIO: (bool)allowsStdIO
{
_allowsStdIO = allowsStdIO;
}
- (bool)allowsStdIO
|
| ︙ | | | ︙ | |
302
303
304
305
306
307
308
309
310
311
312
313
314
315
|
_allowsBPF = allowsBPF;
}
- (bool)allowsBPF
{
return _allowsBPF;
}
- (id)copy
{
OFSandbox *copy = [[OFSandbox alloc] init];
copy->_allowsStdIO = _allowsStdIO;
copy->_allowsReadingFiles = _allowsReadingFiles;
|
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
|
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
|
_allowsBPF = allowsBPF;
}
- (bool)allowsBPF
{
return _allowsBPF;
}
- (void)setAllowsUnveil: (bool)allowsUnveil
{
_allowsUnveil = allowsUnveil;
}
- (bool)allowsUnveil
{
return _allowsUnveil;
}
- (void)setReturnsErrors: (bool)returnsErrors
{
_returnsErrors = returnsErrors;
}
- (bool)returnsErrors
{
return _returnsErrors;
}
- (id)copy
{
OFSandbox *copy = [[OFSandbox alloc] init];
copy->_allowsStdIO = _allowsStdIO;
copy->_allowsReadingFiles = _allowsReadingFiles;
|
| ︙ | | | ︙ | |
335
336
337
338
339
340
341
342
343
344
345
346
347
348
|
copy->_allowsSetTime = _allowsSetTime;
copy->_allowsPS = _allowsPS;
copy->_allowsVMInfo = _allowsVMInfo;
copy->_allowsChangingProcessRights = _allowsChangingProcessRights;
copy->_allowsPF = _allowsPF;
copy->_allowsAudio = _allowsAudio;
copy->_allowsBPF = _allowsBPF;
return copy;
}
- (bool)isEqual: (id)object
{
OFSandbox *sandbox;
|
>
>
|
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
|
copy->_allowsSetTime = _allowsSetTime;
copy->_allowsPS = _allowsPS;
copy->_allowsVMInfo = _allowsVMInfo;
copy->_allowsChangingProcessRights = _allowsChangingProcessRights;
copy->_allowsPF = _allowsPF;
copy->_allowsAudio = _allowsAudio;
copy->_allowsBPF = _allowsBPF;
copy->_allowsUnveil = _allowsUnveil;
copy->_returnsErrors = _returnsErrors;
return copy;
}
- (bool)isEqual: (id)object
{
OFSandbox *sandbox;
|
| ︙ | | | ︙ | |
411
412
413
414
415
416
417
418
419
420
421
422
423
424
|
return false;
if (sandbox->_allowsPF != _allowsPF)
return false;
if (sandbox->_allowsAudio != _allowsAudio)
return false;
if (sandbox->_allowsBPF != _allowsBPF)
return false;
return true;
}
- (uint32_t)hash
{
uint32_t hash;
|
>
>
>
>
|
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
|
return false;
if (sandbox->_allowsPF != _allowsPF)
return false;
if (sandbox->_allowsAudio != _allowsAudio)
return false;
if (sandbox->_allowsBPF != _allowsBPF)
return false;
if (sandbox->_allowsUnveil != _allowsUnveil)
return false;
if (sandbox->_returnsErrors != _returnsErrors)
return false;
return true;
}
- (uint32_t)hash
{
uint32_t hash;
|
| ︙ | | | ︙ | |
449
450
451
452
453
454
455
456
457
458
459
460
461
462
|
OF_HASH_ADD(hash, _allowsSetTime);
OF_HASH_ADD(hash, _allowsPS);
OF_HASH_ADD(hash, _allowsVMInfo);
OF_HASH_ADD(hash, _allowsChangingProcessRights);
OF_HASH_ADD(hash, _allowsPF);
OF_HASH_ADD(hash, _allowsAudio);
OF_HASH_ADD(hash, _allowsBPF);
OF_HASH_FINALIZE(hash);
return hash;
}
#ifdef OF_HAVE_PLEDGE
|
>
>
|
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
|
OF_HASH_ADD(hash, _allowsSetTime);
OF_HASH_ADD(hash, _allowsPS);
OF_HASH_ADD(hash, _allowsVMInfo);
OF_HASH_ADD(hash, _allowsChangingProcessRights);
OF_HASH_ADD(hash, _allowsPF);
OF_HASH_ADD(hash, _allowsAudio);
OF_HASH_ADD(hash, _allowsBPF);
OF_HASH_ADD(hash, _allowsUnveil);
OF_HASH_ADD(hash, _returnsErrors);
OF_HASH_FINALIZE(hash);
return hash;
}
#ifdef OF_HAVE_PLEDGE
|
| ︙ | | | ︙ | |
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
|
[pledges addObject: @"id"];
if (_allowsPF)
[pledges addObject: @"pf"];
if (_allowsAudio)
[pledges addObject: @"audio"];
if (_allowsBPF)
[pledges addObject: @"bpf"];
ret = [pledges componentsJoinedByString: @" "];
[ret retain];
objc_autoreleasePoolPop(pool);
return [ret autorelease];
}
#endif
@end
|
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
|
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
|
[pledges addObject: @"id"];
if (_allowsPF)
[pledges addObject: @"pf"];
if (_allowsAudio)
[pledges addObject: @"audio"];
if (_allowsBPF)
[pledges addObject: @"bpf"];
if (_allowsUnveil)
[pledges addObject: @"unveil"];
if (_returnsErrors)
[pledges addObject: @"error"];
ret = [pledges componentsJoinedByString: @" "];
[ret retain];
objc_autoreleasePoolPop(pool);
return [ret autorelease];
}
#endif
- (void)unveilPath: (OFString *)path
permissions: (OFString *)permissions
{
void *pool = objc_autoreleasePoolPush();
[_unveiledPaths addObject: [OFPair pairWithFirstObject: path
secondObject: permissions]];
objc_autoreleasePoolPop(pool);
}
- (OFArray OF_GENERIC(of_sandbox_unveil_path_t) *)unveiledPaths
{
return [[_unveiledPaths copy] autorelease];
}
@end
|