Differences From Artifact [e8c3d87532]:
- File src/OFApplication.m — part of check-in [648522a4e6] at 2018-11-04 16:24:41 on branch trunk — OFSandbox: Add support for unveil() (user: js, size: 14327) [annotate] [blame] [check-ins using]
To Artifact [517256bc85]:
- File
src/OFApplication.m
— part of check-in
[8af3eedb02]
at
2018-11-11 22:16:10
on branch trunk
— OFSandbox: Avoid unveiling already unveiled paths
When changing and activating a sandbox again, do not unveil paths that
have already been unveiled by the previous activation. (user: js, size: 14649) [annotate] [blame] [check-ins using]
| ︙ | ︙ | |||
593 594 595 596 597 598 599 600 601 |
- (void)activateSandbox: (OFSandbox *)sandbox
{
# ifdef OF_HAVE_PLEDGE
void *pool = objc_autoreleasePoolPush();
of_string_encoding_t encoding = [OFLocale encoding];
const char *promises = [[sandbox pledgeString]
cStringWithEncoding: encoding];
OFSandbox *oldSandbox;
| > > > > > > > | > > > | 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 |
- (void)activateSandbox: (OFSandbox *)sandbox
{
# ifdef OF_HAVE_PLEDGE
void *pool = objc_autoreleasePoolPush();
of_string_encoding_t encoding = [OFLocale encoding];
const char *promises = [[sandbox pledgeString]
cStringWithEncoding: encoding];
OFArray OF_GENERIC(of_sandbox_unveil_path_t) *unveiledPaths;
size_t unveiledPathsCount;
OFSandbox *oldSandbox;
unveiledPaths = [sandbox unveiledPaths];
unveiledPathsCount = [unveiledPaths count];
for (size_t i = sandbox->_unveiledPathsIndex;
i < unveiledPathsCount; i++) {
of_sandbox_unveil_path_t unveiledPath =
[unveiledPaths objectAtIndex: i];
OFString *path = [unveiledPath firstObject];
OFString *permissions = [unveiledPath secondObject];
if (path == nil || permissions == nil)
@throw [OFInvalidArgumentException exception];
unveil([path cStringWithEncoding: encoding],
[permissions cStringWithEncoding: encoding]);
}
sandbox->_unveiledPathsIndex = unveiledPathsCount;
if (pledge(promises, NULL) != 0)
@throw [OFSandboxActivationFailedException
exceptionWithSandbox: sandbox
errNo: errno];
objc_autoreleasePoolPop(pool);
|
| ︙ | ︙ |