Comment: | Make OFSandbox private
It is unclear whether the same API can be applied to other sandboxing |
SHA3-256: |
510628432fdc10bcb933a4712adc7589 |
User & Date: | js on 2020-12-22 13:16:28 |
Modified src/Makefile from [f75f17d137] to [d77caca841].
︙ | ︙ | |||
54 55 56 57 58 59 60 | OFObject+KeyValueCoding.m \ OFObject+Serialization.m \ OFOptionsParser.m \ OFPair.m \ ${OF_PROCESS_M} \ OFRIPEMD160Hash.m \ OFRunLoop.m \ | < | 54 55 56 57 58 59 60 61 62 63 64 65 66 67 | OFObject+KeyValueCoding.m \ OFObject+Serialization.m \ OFOptionsParser.m \ OFPair.m \ ${OF_PROCESS_M} \ OFRIPEMD160Hash.m \ OFRunLoop.m \ OFSecureData.m \ OFSeekableStream.m \ OFSet.m \ OFSHA1Hash.m \ OFSHA224Hash.m \ OFSHA224Or256Hash.m \ OFSHA256Hash.m \ |
︙ | ︙ | |||
192 193 194 195 196 197 198 199 200 201 202 203 204 205 | OFMutableUTF8String.m \ OFNonretainedObjectValue.m \ OFPointValue.m \ OFPointerValue.m \ OFRangeCharacterSet.m \ OFRangeValue.m \ OFRectangleValue.m \ OFSubarray.m \ OFUTF8String.m \ ${LIBBASES_M} \ ${RUNTIME_AUTORELEASE_M} \ ${RUNTIME_INSTANCE_M} SRCS_FILES += OFFileURLHandler.m \ OFINIFileSettings.m | > | 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 | OFMutableUTF8String.m \ OFNonretainedObjectValue.m \ OFPointValue.m \ OFPointerValue.m \ OFRangeCharacterSet.m \ OFRangeValue.m \ OFRectangleValue.m \ OFSandbox.m \ OFSubarray.m \ OFUTF8String.m \ ${LIBBASES_M} \ ${RUNTIME_AUTORELEASE_M} \ ${RUNTIME_INSTANCE_M} SRCS_FILES += OFFileURLHandler.m \ OFINIFileSettings.m |
︙ | ︙ |
Modified src/OFApplication.h from [a2a9803d24] to [090cdb1ff6].
︙ | ︙ | |||
198 199 200 201 202 203 204 | /** * @brief The delegate of the application. */ @property OF_NULLABLE_PROPERTY (assign, nonatomic) id <OFApplicationDelegate> delegate; #ifdef OF_HAVE_SANDBOX | < < < < < < < | 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 | /** * @brief The delegate of the application. */ @property OF_NULLABLE_PROPERTY (assign, nonatomic) id <OFApplicationDelegate> delegate; #ifdef OF_HAVE_SANDBOX @property OF_NULLABLE_PROPERTY (readonly, nonatomic) OFSandbox *activeSandbox; @property OF_NULLABLE_PROPERTY (readonly, nonatomic) OFSandbox *activeSandboxForChildProcesses; #endif /** * @brief Returns the only OFApplication instance in the application. * |
︙ | ︙ | |||
251 252 253 254 255 256 257 | * @brief Terminates the application with the specified status. * * @param status The status with which the application will terminate */ + (void)terminateWithStatus: (int)status OF_NO_RETURN; #ifdef OF_HAVE_SANDBOX | < < < < < < < < < < < < < < | < < < < < < < < < < < < < < < | | 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 | * @brief Terminates the application with the specified status. * * @param status The status with which the application will terminate */ + (void)terminateWithStatus: (int)status OF_NO_RETURN; #ifdef OF_HAVE_SANDBOX + (void)of_activateSandbox: (OFSandbox *)sandbox; + (void)of_activateSandboxForChildProcesses: (OFSandbox *)sandbox; #endif - (instancetype)init OF_UNAVAILABLE; /** * @brief Gets argc and argv. * |
︙ | ︙ | |||
308 309 310 311 312 313 314 | * @brief Terminates the application with the specified status. * * @param status The status with which the application will terminate */ - (void)terminateWithStatus: (int)status OF_NO_RETURN; #ifdef OF_HAVE_SANDBOX | < < < < < < < < < < < < < < | < < < < < < < < < < < < < < < | | 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 | * @brief Terminates the application with the specified status. * * @param status The status with which the application will terminate */ - (void)terminateWithStatus: (int)status OF_NO_RETURN; #ifdef OF_HAVE_SANDBOX - (void)of_activateSandbox: (OFSandbox *)sandbox; - (void)of_activateSandboxForChildProcesses: (OFSandbox *)sandbox; #endif @end #ifdef __cplusplus extern "C" { #endif extern int of_application_main(int *_Nonnull, char *_Nullable *_Nonnull[_Nonnull], id <OFApplicationDelegate>); #ifdef __cplusplus } #endif OF_ASSUME_NONNULL_END |
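Review bot: The readonly properties `activeSandbox` and `activeSandboxForChildProcesses` in the first hunk keep their public, unprefixed names while the activation methods become `of_activateSandbox:` and `of_activateSandboxForChildProcesses:`, so the header still exposes `OFSandbox *` through public-looking API although the class is being made private. If the whole sandbox surface is meant to be internal, those two properties should get the same `of_` prefix, or at least a comment; the hunks also drop every doc comment, leaving the three `#ifdef OF_HAVE_SANDBOX` blocks undocumented. A one-line comment such as `/* Internal: the sandbox API is not public yet (OFSandbox.h is not installed). */` above each block would make the status explicit. Since ObjFW.h no longer imports OFSandbox.h, this header presumably relies on a `@class OFSandbox;` forward declaration outside the hunks — worth confirming.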
Modified src/OFApplication.m from [9bf3f4dbf0] to [7562fe05db].
︙ | ︙ | |||
198 199 200 201 202 203 204 | sceKernelExitGame(); OF_UNREACHABLE #endif } #ifdef OF_HAVE_SANDBOX | | | | | | 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 | sceKernelExitGame(); OF_UNREACHABLE #endif } #ifdef OF_HAVE_SANDBOX + (void)of_activateSandbox: (OFSandbox *)sandbox { [app of_activateSandbox: sandbox]; } + (void)of_activateSandboxForChildProcesses: (OFSandbox *)sandbox { [app of_activateSandboxForChildProcesses: sandbox]; } #endif - (instancetype)init { OF_INVALID_INIT_METHOD } |
︙ | ︙ | |||
623 624 625 626 627 628 629 | { [self.class terminateWithStatus: status]; OF_UNREACHABLE } #ifdef OF_HAVE_SANDBOX | | | 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 | { [self.class terminateWithStatus: status]; OF_UNREACHABLE } #ifdef OF_HAVE_SANDBOX - (void)of_activateSandbox: (OFSandbox *)sandbox { # ifdef OF_HAVE_PLEDGE void *pool = objc_autoreleasePoolPush(); of_string_encoding_t encoding = [OFLocale encoding]; OFArray OF_GENERIC(of_sandbox_unveil_path_t) *unveiledPaths; size_t unveiledPathsCount; const char *promises; |
︙ | ︙ | |||
668 669 670 671 672 673 674 | objc_autoreleasePoolPop(pool); if (_activeSandbox == nil) _activeSandbox = [sandbox retain]; # endif } | | | 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 | objc_autoreleasePoolPop(pool); if (_activeSandbox == nil) _activeSandbox = [sandbox retain]; # endif } - (void)of_activateSandboxForChildProcesses: (OFSandbox *)sandbox { # ifdef OF_HAVE_PLEDGE void *pool = objc_autoreleasePoolPush(); const char *promises; if (_activeSandboxForChildProcesses != nil && sandbox != _activeSandboxForChildProcesses) |
︙ | ︙ |
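Review bot: `+of_activateSandbox:` and `+of_activateSandboxForChildProcesses:` in the first hunk only forward to the file-level `app`; if `app` is still nil when a caller activates a sandbox, the message is a no-op and the process keeps running unsandboxed with no error, which is fail-open for a security control. A guard such as `OF_ENSURE(app != nil);` before the forward would make an early call fail loudly instead of silently. In the second hunk the instance method's whole body sits inside `# ifdef OF_HAVE_PLEDGE`, so a build with OF_HAVE_SANDBOX but without pledge would also activate nothing — if that combination cannot occur, a comment saying so would help the next reader. The bodies of both instance methods continue outside the hunks.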
Modified src/OFSandbox.h from [e483b091af] to [6889cf69c3].
︙ | ︙ | |||
15 16 17 18 19 20 21 | * file. */ #import "OFObject.h" OF_ASSUME_NONNULL_BEGIN | < < < < < < < < < < < | 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 | * file. */ #import "OFObject.h" OF_ASSUME_NONNULL_BEGIN @class OFArray OF_GENERIC(ObjectType); @class OFMutableArray OF_GENERIC(ObjectType); @class OFPair OF_GENERIC(FirstType, SecondType); typedef OFPair OF_GENERIC(OFString *, OFString *) *of_sandbox_unveil_path_t; @interface OFSandbox: OFObject <OFCopying> { unsigned int _allowsStdIO: 1; unsigned int _allowsReadingFiles: 1; unsigned int _allowsWritingFiles: 1; unsigned int _allowsCreatingFiles: 1; unsigned int _allowsCreatingSpecialFiles: 1; |
︙ | ︙ | |||
70 71 72 73 74 75 76 | unsigned int _returnsErrors: 1; OFMutableArray OF_GENERIC(of_sandbox_unveil_path_t) *_unveiledPaths; @public size_t _unveiledPathsIndex; OF_RESERVE_IVARS(OFSandbox, 4) } | < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < | 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 | unsigned int _returnsErrors: 1; OFMutableArray OF_GENERIC(of_sandbox_unveil_path_t) *_unveiledPaths; @public size_t _unveiledPathsIndex; OF_RESERVE_IVARS(OFSandbox, 4) } @property (nonatomic) bool allowsStdIO; @property (nonatomic) bool allowsReadingFiles; @property (nonatomic) bool allowsWritingFiles; @property (nonatomic) bool allowsCreatingFiles; @property (nonatomic) bool allowsCreatingSpecialFiles; @property (nonatomic) bool allowsTemporaryFiles; @property (nonatomic) bool allowsIPSockets; @property (nonatomic) bool allowsMulticastSockets; @property (nonatomic) bool allowsChangingFileAttributes; @property (nonatomic) bool allowsFileOwnerChanges; @property (nonatomic) bool allowsFileLocks; @property (nonatomic) bool allowsUNIXSockets; @property (nonatomic) bool allowsDNS; @property (nonatomic) bool allowsUserDatabaseReading; @property (nonatomic) bool allowsFileDescriptorSending; @property (nonatomic) bool allowsFileDescriptorReceiving; @property (nonatomic) bool allowsTape; @property (nonatomic) bool allowsTTY; @property (nonatomic) bool allowsProcessOperations; @property (nonatomic) bool allowsExec; @property (nonatomic) bool allowsProtExec; @property (nonatomic) bool allowsSetTime; @property (nonatomic) bool allowsPS; @property (nonatomic) bool allowsVMInfo; @property (nonatomic) bool allowsChangingProcessRights; 
@property (nonatomic) bool allowsPF; @property (nonatomic) bool allowsAudio; @property (nonatomic) bool allowsBPF; @property (nonatomic) bool allowsUnveil; @property (nonatomic) bool returnsErrors; #ifdef OF_HAVE_PLEDGE @property (readonly, nonatomic) OFString *pledgeString; #endif @property (readonly, nonatomic) OFArray OF_GENERIC(of_sandbox_unveil_path_t) *unveiledPaths; + (instancetype)sandbox; - (void)unveilPath: (OFString *)path permissions: (OFString *)permissions; @end OF_ASSUME_NONNULL_END |
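Review bot: The hunk strips every doc comment from the header, so the `allows…` capability properties, each of which widens the sandbox when set, are now undocumented even though they presumably map to individual pledge promises (`pledgeString` is still declared under `OF_HAVE_PLEDGE`). Even for a private header, a short comment per property or one header-level comment mapping properties to promises would keep misconfiguration risk low; `allowsUnveil` and `returnsErrors` in particular change how activation behaves (the util hunks set `allowsUnveil` and drop it again after option parsing) and deserve a one-line note. A comment such as `/* Private API: this header is not installed and is not part of the public ObjFW headers. */` above `@interface OFSandbox` would document why the documentation went away. The same applies to src/exceptions/OFSandboxActivationFailedException.h on this page.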
Modified src/ObjFW.h from [253b474482] to [2bba394ec2].
︙ | ︙ | |||
126 127 128 129 130 131 132 | #import "OFApplication.h" #import "OFSystemInfo.h" #import "OFLocale.h" #import "OFOptionsParser.h" #import "OFTimer.h" #import "OFRunLoop.h" | < | 126 127 128 129 130 131 132 133 134 135 136 137 138 139 | #import "OFApplication.h" #import "OFSystemInfo.h" #import "OFLocale.h" #import "OFOptionsParser.h" #import "OFTimer.h" #import "OFRunLoop.h" #ifdef OF_WINDOWS # import "OFWindowsRegistryKey.h" #endif #import "OFAllocFailedException.h" #import "OFException.h" |
︙ | ︙ | |||
210 211 212 213 214 215 216 | #import "OFReadFailedException.h" #import "OFReadOrWriteFailedException.h" #import "OFRemoveItemFailedException.h" #ifdef OF_HAVE_SOCKETS # import "OFResolveHostFailedException.h" #endif #import "OFRetrieveItemAttributesFailedException.h" | < | 209 210 211 212 213 214 215 216 217 218 219 220 221 222 | #import "OFReadFailedException.h" #import "OFReadOrWriteFailedException.h" #import "OFRemoveItemFailedException.h" #ifdef OF_HAVE_SOCKETS # import "OFResolveHostFailedException.h" #endif #import "OFRetrieveItemAttributesFailedException.h" #import "OFSeekFailedException.h" #import "OFSetItemAttributesFailedException.h" #import "OFSetOptionFailedException.h" #ifdef OF_WINDOWS # import "OFSetWindowsRegistryValueFailedException.h" #endif #import "OFStillLockedException.h" |
︙ | ︙ |
Modified src/exceptions/Makefile from [103a175ba6] to [351e362627].
︙ | ︙ | |||
29 30 31 32 33 34 35 | OFOpenItemFailedException.m \ OFOutOfMemoryException.m \ OFOutOfRangeException.m \ OFReadFailedException.m \ OFReadOrWriteFailedException.m \ OFRemoveItemFailedException.m \ OFRetrieveItemAttributesFailedException.m \ | < | 29 30 31 32 33 34 35 36 37 38 39 40 41 42 | OFOpenItemFailedException.m \ OFOutOfMemoryException.m \ OFOutOfRangeException.m \ OFReadFailedException.m \ OFReadOrWriteFailedException.m \ OFRemoveItemFailedException.m \ OFRetrieveItemAttributesFailedException.m \ OFSeekFailedException.m \ OFSetItemAttributesFailedException.m \ OFSetOptionFailedException.m \ OFStillLockedException.m \ OFTruncatedDataException.m \ OFUnboundNamespaceException.m \ OFUnboundPrefixException.m \ |
︙ | ︙ | |||
73 74 75 76 77 78 79 | SRCS_WINDOWS = OFCreateWindowsRegistryKeyFailedException.m \ OFDeleteWindowsRegistryKeyFailedException.m \ OFDeleteWindowsRegistryValueFailedException.m \ OFGetWindowsRegistryValueFailedException.m \ OFOpenWindowsRegistryKeyFailedException.m \ OFSetWindowsRegistryValueFailedException.m | | > > | 72 73 74 75 76 77 78 79 80 81 82 83 84 85 | SRCS_WINDOWS = OFCreateWindowsRegistryKeyFailedException.m \ OFDeleteWindowsRegistryKeyFailedException.m \ OFDeleteWindowsRegistryValueFailedException.m \ OFGetWindowsRegistryValueFailedException.m \ OFOpenWindowsRegistryKeyFailedException.m \ OFSetWindowsRegistryValueFailedException.m INCLUDES := ${SRCS:.m=.h} SRCS += OFSandboxActivationFailedException.m include ../../buildsys.mk CPPFLAGS += -I. -I.. -I../.. -I../runtime |
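Review bot: `SRCS += OFSandboxActivationFailedException.m` is placed after `INCLUDES := ${SRCS:.m=.h}` in the second hunk, presumably so the source is still compiled while its header is excluded from the installed headers; nothing says so, and moving the line back above INCLUDES, the natural place for a source file, would silently re-export the header. A comment such as `# Kept after INCLUDES on purpose: the header is private and must not be installed.` directly above the line would protect the intent. The first hunk only removes the file from the main list.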
Modified src/exceptions/OFSandboxActivationFailedException.h from [4b78a21d95] to [21ea9e53e1].
︙ | ︙ | |||
17 18 19 20 21 22 23 | #import "OFException.h" OF_ASSUME_NONNULL_BEGIN @class OFSandbox; | < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < | 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 | #import "OFException.h" OF_ASSUME_NONNULL_BEGIN @class OFSandbox; @interface OFSandboxActivationFailedException: OFException { OFSandbox *_sandbox; int _errNo; } @property (readonly, nonatomic) OFSandbox *sandbox; @property (readonly, nonatomic) int errNo; + (instancetype)exception OF_UNAVAILABLE; + (instancetype)exceptionWithSandbox: (OFSandbox *)sandbox errNo: (int)errNo; - (instancetype)init OF_UNAVAILABLE; - (instancetype)initWithSandbox: (OFSandbox *)sandbox errNo: (int)errNo OF_DESIGNATED_INITIALIZER; @end OF_ASSUME_NONNULL_END |
Modified utils/ofarc/OFArc.m from [f2fa0ce091] to [edd8dd6d33].
︙ | ︙ | |||
180 181 182 183 184 185 186 | sandbox.allowsWritingFiles = true; sandbox.allowsCreatingFiles = true; sandbox.allowsChangingFileAttributes = true; sandbox.allowsUserDatabaseReading = true; /* Dropped after parsing options */ sandbox.allowsUnveil = true; | | | 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 | sandbox.allowsWritingFiles = true; sandbox.allowsCreatingFiles = true; sandbox.allowsChangingFileAttributes = true; sandbox.allowsUserDatabaseReading = true; /* Dropped after parsing options */ sandbox.allowsUnveil = true; [OFApplication of_activateSandbox: sandbox]; #endif #ifndef OF_AMIGAOS [OFLocale addLanguageDirectory: @LANGUAGE_DIR]; #else [OFLocale addLanguageDirectory: @"PROGDIR:/share/ofarc/lang"]; #endif |
︙ | ︙ | |||
326 327 328 329 330 331 332 | permissions: (mode == 'a' ? @"rwc" : @"wc")]; for (OFString *path in files) [sandbox unveilPath: path permissions: @"r"]; sandbox.allowsUnveil = false; | | | | | 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 | permissions: (mode == 'a' ? @"rwc" : @"wc")]; for (OFString *path in files) [sandbox unveilPath: path permissions: @"r"]; sandbox.allowsUnveil = false; [OFApplication of_activateSandbox: sandbox]; #endif archive = [self openArchiveWithPath: remainingArguments.firstObject type: type mode: mode encoding: encoding]; [archive addFiles: files]; break; case 'l': if (remainingArguments.count != 1) help(of_stderr, false, 1); #ifdef OF_HAVE_SANDBOX if (![remainingArguments.firstObject isEqual: @"-"]) [sandbox unveilPath: remainingArguments.firstObject permissions: @"r"]; sandbox.allowsUnveil = false; [OFApplication of_activateSandbox: sandbox]; #endif archive = [self openArchiveWithPath: remainingArguments.firstObject type: type mode: mode encoding: encoding]; [archive listFiles]; break; case 'p': if (remainingArguments.count < 1) help(of_stderr, false, 1); #ifdef OF_HAVE_SANDBOX if (![remainingArguments.firstObject isEqual: @"-"]) [sandbox unveilPath: remainingArguments.firstObject permissions: @"r"]; sandbox.allowsUnveil = false; [OFApplication of_activateSandbox: sandbox]; #endif files = [remainingArguments objectsInRange: of_range(1, remainingArguments.count - 1)]; archive = [self openArchiveWithPath: remainingArguments.firstObject |
︙ | ︙ | |||
407 408 409 410 411 412 413 | ? outputDir : OF_PATH_CURRENT_DIRECTORY); /* We need 'r' to change the directory to it. */ [sandbox unveilPath: path permissions: @"rwc"]; } sandbox.allowsUnveil = false; | | | 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 | ? outputDir : OF_PATH_CURRENT_DIRECTORY); /* We need 'r' to change the directory to it. */ [sandbox unveilPath: path permissions: @"rwc"]; } sandbox.allowsUnveil = false; [OFApplication of_activateSandbox: sandbox]; #endif archive = [self openArchiveWithPath: remainingArguments.firstObject type: type mode: mode encoding: encoding]; |
︙ | ︙ |
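Review bot: `[OFApplication of_activateSandbox: sandbox]` is now called from a utility outside the library at five places in this file, and likewise in OFDNS.m, OFHash.m and OFHTTP.m, so the utilities depend on an `of_`-prefixed internal method; a comment at the first call, `/* Internal API: OFSandbox is not public yet. */`, would document the deliberate coupling. Because ObjFW.h no longer imports OFSandbox.h, each of these files also needs a direct `#import "OFSandbox.h"`; none of the visible hunks adds one, so presumably it already exists or the in-tree include path covers it — worth confirming. The sandbox is activated once broadly and then re-activated after narrowing in each `case`, which relies on the library accepting repeated activation of the same object; the OFApplication.m hunk on this page shows it only records the first sandbox, which is fine here because the same object is reused.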
Modified utils/ofdns/OFDNS.m from [7cbfa15818] to [738e19c883].
︙ | ︙ | |||
109 110 111 112 113 114 115 | #ifdef OF_HAVE_SANDBOX OFSandbox *sandbox = [[OFSandbox alloc] init]; @try { sandbox.allowsStdIO = true; sandbox.allowsDNS = true; | | | 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 | #ifdef OF_HAVE_SANDBOX OFSandbox *sandbox = [[OFSandbox alloc] init]; @try { sandbox.allowsStdIO = true; sandbox.allowsDNS = true; [OFApplication of_activateSandbox: sandbox]; } @finally { [sandbox release]; } #endif recordTypes = [OFMutableArray array]; |
︙ | ︙ |
Modified utils/ofhash/OFHash.m from [58d815f0b3] to [b2fba3a19f].
︙ | ︙ | |||
133 134 135 136 137 138 139 | for (OFString *path in optionsParser.remainingArguments) [sandbox unveilPath: path permissions: @"r"]; [sandbox unveilPath: @LANGUAGE_DIR permissions: @"r"]; | | | 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 | for (OFString *path in optionsParser.remainingArguments) [sandbox unveilPath: path permissions: @"r"]; [sandbox unveilPath: @LANGUAGE_DIR permissions: @"r"]; [OFApplication of_activateSandbox: sandbox]; } @finally { [sandbox release]; } #endif if (!calculateMD5 && !calculateRIPEMD160 && !calculateSHA1 && !calculateSHA224 && !calculateSHA256 && !calculateSHA384 && |
︙ | ︙ |
Modified utils/ofhttp/OFHTTP.m from [089353e353] to [8920dc599a].
︙ | ︙ | |||
445 446 447 448 449 450 451 | sandbox.allowsIPSockets = true; sandbox.allowsDNS = true; sandbox.allowsUserDatabaseReading = true; sandbox.allowsTTY = true; /* Dropped after parsing options */ sandbox.allowsUnveil = true; | | | 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 | sandbox.allowsIPSockets = true; sandbox.allowsDNS = true; sandbox.allowsUserDatabaseReading = true; sandbox.allowsTTY = true; /* Dropped after parsing options */ sandbox.allowsUnveil = true; [OFApplication of_activateSandbox: sandbox]; #endif #ifndef OF_AMIGAOS [OFLocale addLanguageDirectory: @LANGUAGE_DIR]; #else [OFLocale addLanguageDirectory: @"PROGDIR:/share/ofhttp/lang"]; #endif |
︙ | ︙ | |||
535 536 537 538 539 540 541 | ? outputPath : OF_PATH_CURRENT_DIRECTORY) permissions: (_continue ? @"rwc" : @"wc")]; /* In case we use ObjOpenSSL for https later */ [sandbox unveilPath: @"/etc/ssl" permissions: @"r"]; sandbox.allowsUnveil = false; | | | 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 | ? outputPath : OF_PATH_CURRENT_DIRECTORY) permissions: (_continue ? @"rwc" : @"wc")]; /* In case we use ObjOpenSSL for https later */ [sandbox unveilPath: @"/etc/ssl" permissions: @"r"]; sandbox.allowsUnveil = false; [OFApplication of_activateSandbox: sandbox]; #endif _outputPath = [outputPath copy]; _URLs = [optionsParser.remainingArguments copy]; if (_URLs.count < 1) help(of_stderr, false, 1); |
︙ | ︙ |