Bug 1272764 - Remove OS X 10.6-10.8-Specific Sandboxing Code; r=bobowen
authorHaik Aftandilian <haftandilian@mozilla.com>
Mon, 06 Jun 2016 13:15:00 +0200
changeset 300843 4ffe615e05a8e86b4a42d65b20701eeef7329791
parent 300842 518708a725d51167927dc6f502115c031952a3bb
child 300844 4f1b49de286936fa27c74249e2ed1fcdd9c542d9
push id19599
push usercbook@mozilla.com
push dateWed, 08 Jun 2016 10:16:21 +0000
reviewersbobowen
bugs1272764
milestone50.0a1
Bug 1272764 - Remove OS X 10.6-10.8-Specific Sandboxing Code; r=bobowen
security/sandbox/mac/Sandbox.mm
--- a/security/sandbox/mac/Sandbox.mm
+++ b/security/sandbox/mac/Sandbox.mm
@@ -35,32 +35,26 @@ extern "C" void sandbox_free_error(char 
 // doing so follows Apple's terminology in Gestalt.h.  But this is very
 // misleading, because in other contexts Apple uses the "minor" component of
 // an OS X version number to indicate a "major" release (for example the "9"
 // in OS X 10.9.5), and the "bugfix" component to indicate a "minor" release
 // (for example the "5" in OS X 10.9.5).
 
 class OSXVersion {
 public:
-  static bool OnLionOrLater();
   static int32_t OSXVersionMinor();
 
 private:
   static void GetSystemVersion(int32_t& aMajor, int32_t& aMinor, int32_t& aBugFix);
   static int32_t GetVersionNumber();
   static int32_t mOSXVersion;
 };
 
 int32_t OSXVersion::mOSXVersion = -1;
 
-bool OSXVersion::OnLionOrLater()
-{
-  return (GetVersionNumber() >= MAC_OS_X_VERSION_10_7_HEX);
-}
-
 int32_t OSXVersion::OSXVersionMinor()
 {
   return (GetVersionNumber() & 0xF0) >> 4;
 }
 
 void
 OSXVersion::GetSystemVersion(int32_t& aMajor, int32_t& aMinor, int32_t& aBugFix)
 {
@@ -124,20 +118,17 @@ OSXVersion::GetVersionNumber()
 
 namespace mozilla {
 
 static const char pluginSandboxRules[] =
   "(version 1)\n"
   "(deny default)\n"
   "(allow signal (target self))\n"
   "(allow sysctl-read)\n"
-  // Illegal syntax on OS X 10.6, needed on 10.7 and up.
-  "%s(allow iokit-open (iokit-user-client-class \"IOHIDParamUserClient\"))\n"
-  // Needed only on OS X 10.6
-  "%s(allow file-read-data (literal \"%s\"))\n"
+  "(allow iokit-open (iokit-user-client-class \"IOHIDParamUserClient\"))\n"
   "(allow mach-lookup\n"
   "    (global-name \"com.apple.cfprefsd.agent\")\n"
   "    (global-name \"com.apple.cfprefsd.daemon\")\n"
   "    (global-name \"com.apple.system.opendirectoryd.libinfo\")\n"
   "    (global-name \"com.apple.system.logger\")\n"
   "    (global-name \"com.apple.ls.boxd\"))\n"
   "(allow file-read*\n"
   "    (regex #\"^/etc$\")\n"
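Review bot: After the two `%s` on the iokit-open line and the whole file-read-data line are dropped, the placeholders that still remain in pluginSandboxRules are no longer visible in this hunk, yet StartMacSandbox keeps filling the literal through asprintf with a positional argument list, so a count or order mismatch between the two is silent undefined behaviour rather than a compile error. A comment above the literal tying them together would protect the next edit, e.g. `// Filled by asprintf in StartMacSandbox(); every %s below must match that call's argument order.` The rest of the literal, where the surviving placeholders presumably sit, lies outside the hunk.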
@@ -213,21 +204,16 @@ static const char contentSandboxRules[] 
   "  (global-name \"com.apple.trustd.agent\")\n"
   "  (global-name \"com.apple.xpc.activity.unmanaged\")\n"
   "  (global-name \"com.apple.xpcd\")\n"
   "  (local-name \"com.apple.cfprefsd.agent\"))\n"
   "\n"
   "; Used to read hw.ncpu, hw.physicalcpu_max, kern.ostype, and others\n"
   "(allow sysctl-read)\n"
   "\n"
-  "(if \n"
-  "  (or\n"
-  "    (< macosMinorVersion 9)\n"
-  "    (< sandbox-level 1))\n"
-  "  (allow default)\n"
   "  (begin\n"
   "    (deny default)\n"
   "    (debug deny)\n"
   "\n"
   "    (define resolving-literal literal)\n"
   "    (define resolving-subpath subpath)\n"
   "    (define resolving-regex regex)\n"
   "\n"
@@ -478,54 +464,50 @@ static const char contentSandboxRules[] 
   "    (allow file-read*\n"
   "        (home-subpath \"/Library/Caches/TemporaryItems\"))\n"
   "\n"
   "; bug 1237847\n"
   "    (allow file-read*\n"
   "        (subpath appTempDir))\n"
   "    (allow file-write*\n"
   "        (subpath appTempDir))\n"
-  "  )\n"
-  ")\n";
+  "  )\n";
 
 bool StartMacSandbox(MacSandboxInfo aInfo, std::string &aErrorMessage)
 {
   char *profile = NULL;
   if (aInfo.type == MacSandboxType_Plugin) {
-    if (OSXVersion::OnLionOrLater()) {
-      asprintf(&profile, pluginSandboxRules, "", ";",
-               aInfo.pluginInfo.pluginPath.c_str(),
-               aInfo.pluginInfo.pluginBinaryPath.c_str(),
-               aInfo.appPath.c_str(),
-               aInfo.appBinaryPath.c_str());
-    } else {
-      asprintf(&profile, pluginSandboxRules, ";", "",
-               aInfo.pluginInfo.pluginPath.c_str(),
-               aInfo.pluginInfo.pluginBinaryPath.c_str(),
-               aInfo.appPath.c_str(),
-               aInfo.appBinaryPath.c_str());
-    }
+    asprintf(&profile, pluginSandboxRules,
+             aInfo.pluginInfo.pluginBinaryPath.c_str(),
+             aInfo.appPath.c_str(),
+             aInfo.appBinaryPath.c_str());
 
     if (profile &&
       aInfo.pluginInfo.type == MacSandboxPluginType_GMPlugin_EME_Widevine) {
       char *widevineProfile = NULL;
       asprintf(&widevineProfile, "%s%s", profile,
         widevinePluginSandboxRulesAddend);
       free(profile);
       profile = widevineProfile;
     }
   }
   else if (aInfo.type == MacSandboxType_Content) {
-    asprintf(&profile, contentSandboxRules, aInfo.level,
-             OSXVersion::OSXVersionMinor(),
-             aInfo.appPath.c_str(),
-             aInfo.appBinaryPath.c_str(),
-             aInfo.appDir.c_str(),
-             aInfo.appTempDir.c_str(),
-             getenv("HOME"));
+    if (aInfo.level >= 1) {
+      asprintf(&profile, contentSandboxRules, aInfo.level,
+               OSXVersion::OSXVersionMinor(),
+               aInfo.appPath.c_str(),
+               aInfo.appBinaryPath.c_str(),
+               aInfo.appDir.c_str(),
+               aInfo.appTempDir.c_str(),
+               getenv("HOME"));
+    } else {
+      fprintf(stderr,
+        "Content sandbox disabled due to sandbox level setting\n");
+      return (true);
+    }
   }
   else {
     char *msg = NULL;
     asprintf(&msg, "Unexpected sandbox type %u", aInfo.type);
     if (msg) {
       aErrorMessage.assign(msg);
       free(msg);
     }