Bug 1380416 - Part 2 - Remove sandboxing junk that isn't required anymore draft
authorAlex Gaynor <agaynor@mozilla.com>
Fri, 14 Jul 2017 16:10:27 -0400
changeset 609875 5392934d2828209404ae023d5103e95aa609358c
parent 609859 b7967ec647edef8524a3b494b316775df6443feb
child 637705 1cbe7e0cb2d05db6d4fbdb3e582b12d8cccd6906
push id68721
push userbmo:agaynor@mozilla.com
push dateMon, 17 Jul 2017 16:59:34 +0000
bugs1380416
milestone56.0a1
Bug 1380416 - Part 2 - Remove sandboxing junk that isn't required anymore MozReview-Commit-ID: EKOtN6KS6eT
dom/ipc/ContentChild.cpp
security/sandbox/mac/Sandbox.h
security/sandbox/mac/Sandbox.mm
security/sandbox/mac/SandboxPolicies.h
--- a/dom/ipc/ContentChild.cpp
+++ b/dom/ipc/ContentChild.cpp
@@ -1458,33 +1458,16 @@ GetDirectoryPath(const char *aPath) {
   nsAutoCString directoryPath;
   if (NS_FAILED(directoryFile->GetNativePath(directoryPath))) {
     MOZ_CRASH("Failed to get path for an nsIFile");
   }
   return directoryPath;
 }
 #endif // DEBUG
 
-static nsresult
-NormalizePath(const char* aPath, nsCString& aOutPath)
-{
-  nsresult rv;
-
-  nsCOMPtr<nsIFile> file;
-  rv = NS_NewLocalFile(NS_ConvertUTF8toUTF16(aPath), true, getter_AddRefs(file));
-  NS_ENSURE_SUCCESS(rv, rv);
-
-  rv = file->Normalize();
-  NS_ENSURE_SUCCESS(rv, rv);
-
-  rv = file->GetNativePath(aOutPath);
-  NS_ENSURE_SUCCESS(rv, rv);
-  return NS_OK;
-}
-
 static bool
 StartMacOSContentSandbox()
 {
   int sandboxLevel = GetEffectiveContentSandboxLevel();
   if (sandboxLevel < 1) {
     return false;
   }
 
@@ -1519,25 +1502,16 @@ StartMacOSContentSandbox()
     profileDir->Normalize();
     rv = profileDir->GetNativePath(profileDirPath);
     if (NS_FAILED(rv) || profileDirPath.IsEmpty()) {
       MOZ_CRASH("Failed to get profile path");
     }
   }
 
   bool isFileProcess = cc->GetRemoteType().EqualsLiteral(FILE_REMOTE_TYPE);
-  char *developer_repo_dir = nullptr;
-  char *developer_obj_dir = nullptr;
-  if (mozilla::IsDevelopmentBuild()) {
-    // If this is a developer build the resources in the .app are symlinks to
-    // outside of the .app. Therefore in non-release builds we allow reads from
-    // the whole repository. MOZ_DEVELOPER_REPO_DIR is set by mach run.
-    developer_repo_dir = PR_GetEnv("MOZ_DEVELOPER_REPO_DIR");
-    developer_obj_dir = PR_GetEnv("MOZ_DEVELOPER_OBJ_DIR");
-  }
 
   MacSandboxInfo info;
   info.type = MacSandboxType_Content;
   info.level = sandboxLevel;
   info.hasFilePrivileges = isFileProcess;
   info.shouldLog = Preferences::GetBool("security.sandbox.logging.enabled") ||
                    PR_GetEnv("MOZ_SANDBOX_LOGGING");
   info.appPath.assign(appPath.get());
@@ -1554,34 +1528,16 @@ StartMacOSContentSandbox()
     info.testingReadPath1.assign(testingReadPath1.get());
   }
   nsAdoptingCString testingReadPath2 =
     Preferences::GetCString("security.sandbox.content.mac.testing_read_path2");
   if (!testingReadPath2.IsEmpty()) {
     info.testingReadPath2.assign(testingReadPath2.get());
   }
 
-  if (developer_repo_dir) {
-    nsCString repoDirPath;
-    rv = NormalizePath(developer_repo_dir, repoDirPath);
-    if (NS_FAILED(rv)) {
-      MOZ_CRASH("Failed to normalize repo path");
-    }
-    info.testingReadPath3.assign(repoDirPath.get());
-  }
-
-  if (developer_obj_dir) {
-    nsCString objDirPath;
-    rv = NormalizePath(developer_obj_dir, objDirPath);
-    if (NS_FAILED(rv)) {
-      MOZ_CRASH("Failed to normalize obj dir path");
-    }
-    info.testingReadPath4.assign(objDirPath.get());
-  }
-
   if (profileDir) {
     info.hasSandboxedProfile = true;
     info.profileDir.assign(profileDirPath.get());
   } else {
     info.hasSandboxedProfile = false;
   }
 
 #ifdef DEBUG
--- a/security/sandbox/mac/Sandbox.h
+++ b/security/sandbox/mac/Sandbox.h
@@ -45,35 +45,31 @@ typedef struct _MacSandboxInfo {
     : type(other.type), level(other.level),
       hasFilePrivileges(other.hasFilePrivileges),
       hasSandboxedProfile(other.hasSandboxedProfile),
       pluginInfo(other.pluginInfo),
       appPath(other.appPath), appBinaryPath(other.appBinaryPath),
       appDir(other.appDir), appTempDir(other.appTempDir),
       profileDir(other.profileDir), debugWriteDir(other.debugWriteDir),
       testingReadPath1(other.testingReadPath1),
-      testingReadPath2(other.testingReadPath2),
-      testingReadPath3(other.testingReadPath3),
-      testingReadPath4(other.testingReadPath4), shouldLog(other.shouldLog) {}
+      testingReadPath2(other.testingReadPath2), shouldLog(other.shouldLog) {}
   MacSandboxType type;
   int32_t level;
   bool hasFilePrivileges;
   bool hasSandboxedProfile;
   MacSandboxPluginInfo pluginInfo;
   std::string appPath;
   std::string appBinaryPath;
   std::string appDir;
   std::string appTempDir;
   std::string profileDir;
   std::string debugWriteDir;
 
   std::string testingReadPath1;
   std::string testingReadPath2;
-  std::string testingReadPath3;
-  std::string testingReadPath4;
 
   bool shouldLog;
 } MacSandboxInfo;
 
 namespace mozilla {
 
 bool StartMacSandbox(MacSandboxInfo aInfo, std::string &aErrorMessage);
 
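Review bot: The rewritten initializer list on the `+` line is a hand-maintained copy constructor that simply member-wise copies every field, and this commit shows the cost of that: every time a member is added or removed the list must be edited by hand, and a field left out would be silently copied uninitialized. Every visible member is a value type (`MacSandboxType`, `int32_t`, `bool`, `std::string`; `MacSandboxPluginInfo` presumably too, but its definition is outside this hunk), so declaring the copy constructor `= default` — or removing it altogether under the Rule of Zero — keeps the same behavior without the maintenance hazard. A user-declared copy constructor also suppresses the implicit move constructor, so the by-value `MacSandboxInfo aInfo` parameter of `StartMacSandbox` below always deep-copies all the strings; defaulting or dropping the constructor restores the move. The constructor's signature line lies before the start of this hunk, so the exact replacement line cannot be quoted from here.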
--- a/security/sandbox/mac/Sandbox.mm
+++ b/security/sandbox/mac/Sandbox.mm
@@ -183,24 +183,16 @@ bool StartMacSandbox(MacSandboxInfo aInf
       if (!aInfo.testingReadPath1.empty()) {
         params.push_back("TESTING_READ_PATH1");
         params.push_back(aInfo.testingReadPath1.c_str());
       }
       if (!aInfo.testingReadPath2.empty()) {
         params.push_back("TESTING_READ_PATH2");
         params.push_back(aInfo.testingReadPath2.c_str());
       }
-      if (!aInfo.testingReadPath3.empty()) {
-        params.push_back("TESTING_READ_PATH3");
-        params.push_back(aInfo.testingReadPath3.c_str());
-      }
-      if (!aInfo.testingReadPath4.empty()) {
-        params.push_back("TESTING_READ_PATH4");
-        params.push_back(aInfo.testingReadPath4.c_str());
-      }
 #ifdef DEBUG
       if (!aInfo.debugWriteDir.empty()) {
         params.push_back("DEBUG_WRITE_DIR");
         params.push_back(aInfo.debugWriteDir.c_str());
       }
 #endif // DEBUG
     } else {
       fprintf(stderr,
--- a/security/sandbox/mac/SandboxPolicies.h
+++ b/security/sandbox/mac/SandboxPolicies.h
@@ -62,18 +62,16 @@ static const char contentSandboxRules[] 
   (define appTempDir (param "APP_TEMP_DIR"))
   (define hasProfileDir (param "HAS_SANDBOXED_PROFILE"))
   (define profileDir (param "PROFILE_DIR"))
   (define home-path (param "HOME_PATH"))
   (define hasFilePrivileges (param "HAS_FILE_PRIVILEGES"))
   (define debugWriteDir (param "DEBUG_WRITE_DIR"))
   (define testingReadPath1 (param "TESTING_READ_PATH1"))
   (define testingReadPath2 (param "TESTING_READ_PATH2"))
-  (define testingReadPath3 (param "TESTING_READ_PATH3"))
-  (define testingReadPath4 (param "TESTING_READ_PATH4"))
 
   (if (string=? should-log "TRUE")
     (deny default)
     (deny default (with no-log)))
   (debug deny)
 
   ; Allow read access to standard system paths.
   (allow file-read*
@@ -260,20 +258,16 @@ static const char contentSandboxRules[] 
 
       (literal appPath)
       (literal appBinaryPath))
 
   (when testingReadPath1
     (allow file-read* (subpath testingReadPath1)))
   (when testingReadPath2
     (allow file-read* (subpath testingReadPath2)))
-  (when testingReadPath3
-    (allow file-read* (subpath testingReadPath3)))
-  (when testingReadPath4
-    (allow file-read* (subpath testingReadPath4)))
 
   (allow file-read-metadata (home-subpath "/Library"))
 
   (allow file-read-metadata
     (literal "/private/var")
     (subpath "/private/var/folders"))
 
   ; bug 1303987