Bug 1215303 - Part 2 - automatically enable broker when in permissive mode r=jld
authorJulian Hector <julian.r.hector@gmail.com>
Fri, 13 Nov 2015 12:29:47 +0000
changeset 273892 d8b6ab130caa9b9d1ec974aa9b0c86a4fec8683c
parent 273891 97e94e27af5239618257616269c37d5a36ae6a7f
child 273893 c23c1d8c548f3265ff8243bdc87aa25163150a80
push id68422
push usercbook@mozilla.com
push dateTue, 24 Nov 2015 09:51:11 +0000
treeherdermozilla-inbound@c23c1d8c548f [default view] [failures only]
reviewersjld
bugs1215303
milestone45.0a1
Bug 1215303 - Part 2 - automatically enable broker when in permissive mode r=jld
security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
--- a/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
+++ b/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
@@ -1,15 +1,16 @@
 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this file,
  * You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "SandboxBrokerPolicyFactory.h"
+#include "SandboxInfo.h"
 
 #include "mozilla/ClearOnShutdown.h"
 #include "mozilla/Preferences.h"
 #include "nsPrintfCString.h"
 #include "nsString.h"
 #include "nsThreadUtils.h"
 #include "nsXULAppAPI.h"
 
@@ -24,16 +25,22 @@ SandboxBrokerPolicyFactory::IsSystemSupp
 #ifdef ANDROID
   char hardware[PROPERTY_VALUE_MAX];
   int length = property_get("ro.hardware", hardware, nullptr);
   // "goldfish" -> emulator.  Other devices can be added when we're
   // reasonably sure they work.  Eventually this won't be needed....
   if (length > 0 && strcmp(hardware, "goldfish") == 0) {
     return true;
   }
+
+  // When broker is running in permissive mode, we enable it
+  // automatically regardless of the device.
+  if (SandboxInfo::Get().Test(SandboxInfo::kPermissive)) {
+    return true;
+  }
 #endif
   return false;
 }
 
 #if defined(MOZ_CONTENT_SANDBOX) && defined(MOZ_WIDGET_GONK)
 namespace {
 static const int rdonly = SandboxBroker::MAY_READ;
 static const int wronly = SandboxBroker::MAY_WRITE;
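Review bot: The comment on the added `SandboxInfo::kPermissive` check says what the branch does but not why skipping the `ro.hardware` allow-list is acceptable, and after this change a `true` result no longer means the device was verified to work with the broker. I would spell that out, e.g. `// Permissive mode: the broker is enabled on any device, verified or not; a true result here does not mean this hardware is known to work.` The check also sits inside `#ifdef ANDROID`, so other builds still fall through to `return false`; if that is intended the comment should say so, since the commit title does not limit the behaviour to Android. Presumably permissive mode does not enforce the sandbox policy, which would be the reason this is safe; that is worth confirming against SandboxInfo and stating next to the check. The function's signature and opening lines are outside this hunk.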