зеркало из https://github.com/mozilla/gecko-dev.git
Bug 928042 - Add an environment variable to disable content processes sandboxing even when MOZ_CONTENT_SANDBOX is defined. r=aklotz
Родитель
121dda43b7
Коммит
152817226f
|
@ -1421,6 +1421,7 @@ ContentParent::ContentParent(mozIApplication* aApp,
|
|||
NS_ASSERTION(NS_IsMainThread(), "Wrong thread!");
|
||||
mSubprocess = new GeckoChildProcessHost(GeckoProcessType_Content,
|
||||
aOSPrivileges);
|
||||
mSubprocess->SetSandboxEnabled(ShouldSandboxContentProcesses());
|
||||
|
||||
IToplevelProtocol::SetTransport(mSubprocess->GetChannel());
|
||||
|
||||
|
@ -3282,5 +3283,15 @@ ContentParent::ShouldContinueFromReplyTimeout()
|
|||
return false;
|
||||
}
|
||||
|
||||
bool
|
||||
ContentParent::ShouldSandboxContentProcesses()
|
||||
{
|
||||
#ifdef MOZ_CONTENT_SANDBOX
|
||||
return !PR_GetEnv("MOZ_DISABLE_CONTENT_SANDBOX");
|
||||
#else
|
||||
return true;
|
||||
#endif
|
||||
}
|
||||
|
||||
} // namespace dom
|
||||
} // namespace mozilla
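Review bot: `ShouldSandboxContentProcesses()` treats any value of `MOZ_DISABLE_CONTENT_SANDBOX` as "disable", so `MOZ_DISABLE_CONTENT_SANDBOX=0` still turns the content sandbox off, and it does so with nothing logged. Anything that can influence the parent's environment can therefore remove a security boundary silently. I would log the override where it is read, e.g. `NS_WARNING("Content sandbox disabled by MOZ_DISABLE_CONTENT_SANDBOX");`, and consider honouring the variable only in non-release builds. The `#else` branch returning `true` when `MOZ_CONTENT_SANDBOX` is not defined also deserves a comment, because it reports sandboxing as enabled in a build that has none; the consumers visible in this commit are guarded by the same macro, so it looks harmless today.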
|
||||
|
|
|
@ -220,6 +220,7 @@ protected:
|
|||
void OnNuwaForkTimeout();
|
||||
|
||||
bool ShouldContinueFromReplyTimeout() MOZ_OVERRIDE;
|
||||
bool ShouldSandboxContentProcesses();
|
||||
|
||||
private:
|
||||
static nsDataHashtable<nsStringHashKey, ContentParent*> *sAppContentParents;
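Review bot: The new `ShouldSandboxContentProcesses()` declaration has no comment, and its contract is not obvious from the name. Per the definition added in this commit it returns true unless `MOZ_DISABLE_CONTENT_SANDBOX` is set, and it also returns true when `MOZ_CONTENT_SANDBOX` is not compiled in. I would add `// Returns false only when MOZ_DISABLE_CONTENT_SANDBOX is set in a MOZ_CONTENT_SANDBOX build.` above it. The definition reads no member state, so it could also be declared `static`.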
|
||||
|
|
|
@ -70,14 +70,16 @@ InitializeBinder(void *aDummy) {
|
|||
int
|
||||
main(int argc, char* argv[])
|
||||
{
|
||||
#ifdef MOZ_NUWA_PROCESS
|
||||
bool isNuwa = false;
|
||||
bool isSandboxEnabled = false;
|
||||
for (int i = 1; i < argc; i++) {
|
||||
if (strcmp(argv[i], "-nuwa") == 0) {
|
||||
PrepareNuwaProcess();
|
||||
isNuwa = true;
|
||||
break;
|
||||
}
|
||||
isNuwa |= strcmp(argv[i], "-nuwa") == 0;
|
||||
isSandboxEnabled |= strcmp(argv[i], "-sandbox") == 0;
|
||||
}
|
||||
|
||||
#ifdef MOZ_NUWA_PROCESS
|
||||
if (isNuwa) {
|
||||
PrepareNuwaProcess();
|
||||
}
|
||||
#endif
|
||||
|
||||
|
@ -99,19 +101,21 @@ main(int argc, char* argv[])
|
|||
#endif
|
||||
|
||||
#if defined(XP_WIN) && defined(MOZ_CONTENT_SANDBOX)
|
||||
sandbox::TargetServices* target_service =
|
||||
sandbox::SandboxFactory::GetTargetServices();
|
||||
if (!target_service) {
|
||||
return 1;
|
||||
}
|
||||
if (isSandboxEnabled) {
|
||||
sandbox::TargetServices* target_service =
|
||||
sandbox::SandboxFactory::GetTargetServices();
|
||||
if (!target_service) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
sandbox::ResultCode result = target_service->Init();
|
||||
if (result != sandbox::SBOX_ALL_OK) {
|
||||
return 2;
|
||||
}
|
||||
sandbox::ResultCode result = target_service->Init();
|
||||
if (result != sandbox::SBOX_ALL_OK) {
|
||||
return 2;
|
||||
}
|
||||
|
||||
// Initialization is finished, switch to the lowered token
|
||||
target_service->LowerToken();
|
||||
// Initialization is finished, switch to the lowered token
|
||||
target_service->LowerToken();
|
||||
}
|
||||
#endif
|
||||
|
||||
// Check for the absolute minimum number of args we need to move
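Review bot: In the `XP_WIN && MOZ_CONTENT_SANDBOX` block of `main`, a child started without `-sandbox` now skips `target_service->Init()` and `LowerToken()` entirely and never lowers its token, with no record that it did so. The sandbox therefore fails open on any launch path that drops or forgets the flag. A diagnostic in that branch, or a comment stating that the parent (`GeckoChildProcessHost`) is the sole authority for the flag, would make the trust assumption explicit. Separately, `isNuwa` and `isSandboxEnabled` appear to be declared and computed on every platform while each is read only inside its own `#ifdef`, which will likely produce unused-variable warnings elsewhere. `main` continues outside both hunks.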
|
||||
|
|
|
@ -87,6 +87,7 @@ GeckoChildProcessHost::GeckoChildProcessHost(GeckoProcessType aProcessType,
|
|||
ChildPrivileges aPrivileges)
|
||||
: ChildProcessHost(RENDER_PROCESS), // FIXME/cjones: we should own this enum
|
||||
mProcessType(aProcessType),
|
||||
mSandboxEnabled(true),
|
||||
mPrivileges(aPrivileges),
|
||||
mMonitor("mozilla.ipc.GeckChildProcessHost.mMonitor"),
|
||||
mProcessState(CREATING_CHANNEL),
|
||||
|
@ -739,6 +740,13 @@ GeckoChildProcessHost::PerformAsyncLaunchInternal(std::vector<std::string>& aExt
|
|||
}
|
||||
}
|
||||
|
||||
#if defined(XP_WIN) && defined(MOZ_CONTENT_SANDBOX)
|
||||
if (mSandboxEnabled) {
|
||||
// Tell the process that it should lower its rights after initialization.
|
||||
cmdLine.AppendLooseValue(UTF8ToWide("-sandbox"));
|
||||
}
|
||||
#endif
|
||||
|
||||
// Add the application directory path (-appdir path)
|
||||
AddAppDirToCommandLine(cmdLine);
|
||||
|
||||
|
@ -761,14 +769,17 @@ GeckoChildProcessHost::PerformAsyncLaunchInternal(std::vector<std::string>& aExt
|
|||
cmdLine.AppendLooseValue(UTF8ToWide(childProcessType));
|
||||
|
||||
#if defined(XP_WIN) && defined(MOZ_CONTENT_SANDBOX)
|
||||
mozilla::SandboxBroker sandboxBroker;
|
||||
sandboxBroker.LaunchApp(cmdLine.program().c_str(),
|
||||
cmdLine.command_line_string().c_str(),
|
||||
&process);
|
||||
#else
|
||||
base::LaunchApp(cmdLine, false, false, &process);
|
||||
#endif
|
||||
if (mSandboxEnabled) {
|
||||
|
||||
mozilla::SandboxBroker sandboxBroker;
|
||||
sandboxBroker.LaunchApp(cmdLine.program().c_str(),
|
||||
cmdLine.command_line_string().c_str(),
|
||||
&process);
|
||||
} else
|
||||
#endif
|
||||
{
|
||||
base::LaunchApp(cmdLine, false, false, &process);
|
||||
}
|
||||
|
||||
#else
|
||||
# error Sorry
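Review bot: In `PerformAsyncLaunchInternal` the sandbox decision is now taken twice from `mSandboxEnabled`, once to append `-sandbox` and once to choose between `sandboxBroker.LaunchApp` and `base::LaunchApp`, and the second site hangs an `else` across `#endif` in front of a bare block. That shape is easy to break in a later edit, and a mismatch between the two sites would start a child whose `-sandbox` expectation does not match how it was launched. Reading the member once into a local `const bool` and branching on it in both places would keep them in step. The unsandboxed branch is also a good place for a warning, so that a disabled sandbox is visible in logs. The function body starts and ends outside these hunks.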
|
||||
|
|
|
@ -123,11 +123,17 @@ public:
|
|||
*/
|
||||
void Join();
|
||||
|
||||
void SetSandboxEnabled(bool aSandboxEnabled) {
|
||||
mSandboxEnabled = aSandboxEnabled;
|
||||
}
|
||||
|
||||
protected:
|
||||
GeckoProcessType mProcessType;
|
||||
bool mSandboxEnabled;
|
||||
ChildPrivileges mPrivileges;
|
||||
Monitor mMonitor;
|
||||
FilePath mProcessPath;
|
||||
|
||||
// This value must be accessed while holding mMonitor.
|
||||
enum {
|
||||
// This object has been constructed, but the OS process has not
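Review bot: `SetSandboxEnabled()` is a public setter for a security setting and has no comment saying when it may be called. Per this commit the value is read during `PerformAsyncLaunchInternal`, so a call made after launch has begun would presumably be ignored or race with the launch. I would document that above the setter, e.g. `// Must be called before the process is launched; only consulted on Windows builds with MOZ_CONTENT_SANDBOX.` The same comment can state that the constructor default is enabled.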
|
||||
|
|