[SCM] WebKit Debian packaging branch, webkit-1.3, updated. upstream/1.3.7-4207-g178b198
andersca at apple.com
andersca at apple.com
Sun Feb 20 22:58:20 UTC 2011
The following commit has been merged in the webkit-1.3 branch:
commit 1dccf2e9bb7dc46aef344c87d2544b8410b88dd6
Author: andersca at apple.com <andersca at apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Fri Jan 14 21:51:53 2011 +0000
Delay initializing the sandbox until we get the InitializeWebProcess message.
Reviewed by Sam Weinig.
* WebProcess/mac/WebProcessMac.mm:
(WebKit::initializeSandbox):
(WebKit::WebProcess::platformInitializeWebProcess):
* WebProcess/mac/WebProcessMainMac.mm:
(WebKit::WebProcessMain):
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@75814 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/WebKit2/ChangeLog b/WebKit2/ChangeLog
index f65dac9..dd18486 100644
--- a/WebKit2/ChangeLog
+++ b/WebKit2/ChangeLog
@@ -1,3 +1,15 @@
+2011-01-14 Anders Carlsson <andersca at apple.com>
+
+ Reviewed by Sam Weinig.
+
+ Delay initializing the sandbox until we get the InitializeWebProcess message.
+
+ * WebProcess/mac/WebProcessMac.mm:
+ (WebKit::initializeSandbox):
+ (WebKit::WebProcess::platformInitializeWebProcess):
+ * WebProcess/mac/WebProcessMainMac.mm:
+ (WebKit::WebProcessMain):
+
2011-01-14 Laszlo Gombos <laszlo.1.gombos at nokia.com>
Reviewed by Kenneth Rohde Christiansen.
diff --git a/WebKit2/WebProcess/mac/WebProcessMac.mm b/WebKit2/WebProcess/mac/WebProcessMac.mm
index a049a39..092e5da 100644
--- a/WebKit2/WebProcess/mac/WebProcessMac.mm
+++ b/WebKit2/WebProcess/mac/WebProcessMac.mm
@@ -36,6 +36,12 @@
#include <mach/mach.h>
#include <mach/mach_error.h>
+#if ENABLE(WEB_PROCESS_SANDBOX)
+#include <sandbox.h>
+#include <stdlib.h>
+#include <sysexits.h>
+#endif
+
using namespace WebCore;
using namespace std;
@@ -103,8 +109,46 @@ void WebProcess::platformClearResourceCaches()
[[NSURLCache sharedURLCache] removeAllCachedResponses];
}
+static void initializeSandbox(const WebProcessCreationParameters& parameters)
+{
+#if ENABLE(WEB_PROCESS_SANDBOX)
+ if ([[NSUserDefaults standardUserDefaults] boolForKey:@"DisableSandbox"]) {
+ fprintf(stderr, "Bypassing sandbox due to DisableSandbox user default.\n");
+ return;
+ }
+
+ char* errorBuf;
+ char tmpPath[PATH_MAX];
+ char tmpRealPath[PATH_MAX];
+ char cachePath[PATH_MAX];
+ char cacheRealPath[PATH_MAX];
+ const char* frameworkPath = [[[[NSBundle bundleForClass:NSClassFromString(@"WKView")] bundlePath] stringByDeletingLastPathComponent] UTF8String];
+ const char* profilePath = [[[NSBundle mainBundle] pathForResource:@"com.apple.WebProcess" ofType:@"sb"] UTF8String];
+
+ if (confstr(_CS_DARWIN_USER_TEMP_DIR, tmpPath, PATH_MAX) <= 0 || !realpath(tmpPath, tmpRealPath))
+ tmpRealPath[0] = '\0';
+
+ if (confstr(_CS_DARWIN_USER_CACHE_DIR, cachePath, PATH_MAX) <= 0 || !realpath(cachePath, cacheRealPath))
+ cacheRealPath[0] = '\0';
+
+ const char* const sandboxParam[] = {
+ "WEBKIT2_FRAMEWORK_DIR", frameworkPath,
+ "DARWIN_USER_TEMP_DIR", (const char*)tmpRealPath,
+ "DARWIN_USER_CACHE_DIR", (const char*)cacheRealPath,
+ NULL
+ };
+
+ if (sandbox_init_with_parameters(profilePath, SANDBOX_NAMED_EXTERNAL, sandboxParam, &errorBuf)) {
+ fprintf(stderr, "WebProcess: couldn't initialize sandbox profile [%s] with framework path [%s], tmp path [%s], cache path [%s]: %s\n", profilePath, frameworkPath, tmpRealPath, cacheRealPath, errorBuf);
+ exit(EX_NOPERM);
+ }
+#endif
+}
+
void WebProcess::platformInitializeWebProcess(const WebProcessCreationParameters& parameters, CoreIPC::ArgumentDecoder*)
{
+ initializeSandbox(parameters);
+
if (!parameters.nsURLCachePath.isNull()) {
NSUInteger cacheMemoryCapacity = parameters.nsURLCacheMemoryCapacity;
NSUInteger cacheDiskCapacity = parameters.nsURLCacheDiskCapacity;
diff --git a/WebKit2/WebProcess/mac/WebProcessMainMac.mm b/WebKit2/WebProcess/mac/WebProcessMainMac.mm
index c44e1ef..5cefb59 100644
--- a/WebKit2/WebProcess/mac/WebProcessMainMac.mm
+++ b/WebKit2/WebProcess/mac/WebProcessMainMac.mm
@@ -42,11 +42,6 @@
#import <wtf/Threading.h>
#import <wtf/text/CString.h>
-#if ENABLE(WEB_PROCESS_SANDBOX)
-#import <sandbox.h>
-#import <stdlib.h>
-#endif
-
// FIXME: We should be doing this another way.
extern "C" kern_return_t bootstrap_look_up2(mach_port_t, const name_t, mach_port_t*, pid_t, uint64_t);
@@ -60,38 +55,6 @@ int WebProcessMain(const CommandLine& commandLine)
{
NSAutoreleasePool *pool = [[NSAutoreleasePool alloc] init];
-#if ENABLE(WEB_PROCESS_SANDBOX)
- if (![[NSUserDefaults standardUserDefaults] boolForKey:@"DisableSandbox"]) {
- char* errorBuf;
- char tmpPath[PATH_MAX];
- char tmpRealPath[PATH_MAX];
- char cachePath[PATH_MAX];
- char cacheRealPath[PATH_MAX];
- const char* frameworkPath = [[[[NSBundle bundleForClass:[WKView class]] bundlePath] stringByDeletingLastPathComponent] UTF8String];
- const char* profilePath = [[[NSBundle mainBundle] pathForResource:@"com.apple.WebProcess" ofType:@"sb"] UTF8String];
-
- if (confstr(_CS_DARWIN_USER_TEMP_DIR, tmpPath, PATH_MAX) <= 0 || !realpath(tmpPath, tmpRealPath))
- tmpRealPath[0] = '\0';
-
- if (confstr(_CS_DARWIN_USER_CACHE_DIR, cachePath, PATH_MAX) <= 0 || !realpath(cachePath, cacheRealPath))
- cacheRealPath[0] = '\0';
-
- const char* const sandboxParam[] = {
- "WEBKIT2_FRAMEWORK_DIR", frameworkPath,
- "DARWIN_USER_TEMP_DIR", (const char*)tmpRealPath,
- "DARWIN_USER_CACHE_DIR", (const char*)cacheRealPath,
- NULL
- };
-
- if (sandbox_init_with_parameters(profilePath, SANDBOX_NAMED_EXTERNAL, sandboxParam, &errorBuf)) {
- fprintf(stderr, "WebProcess: couldn't initialize sandbox profile [%s] with framework path [%s], tmp path [%s], cache path [%s]: %s\n", profilePath, frameworkPath, tmpRealPath, cacheRealPath, errorBuf);
- exit(EX_NOPERM);
- }
- } else
- fprintf(stderr, "Bypassing sandbox due to DisableSandbox user default.\n");
-
-#endif
-
String serviceName = commandLine["servicename"];
if (serviceName.isEmpty())
return EXIT_FAILURE;
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list