content/utility/utility.sb - chromium/src.git - Git at Google

 ;;
 ;; Copyright (c) 2011 The Chromium Authors. All rights reserved.
 ;; Use of this source code is governed by a BSD-style license that can be
 ;; found in the LICENSE file.
 ;;
 ; This is the Sandbox configuration file used for safeguarding the utility
 ; process which is used for performing sandboxed operations that need to touch
 ; the filesystem like decoding theme images and unpacking extensions.
 ;
 ; This configuration locks everything down, except access to one configurable
 ; directory.  This is different from other sandbox configuration files where
 ; file system access is entireley restricted.

 ; *** The contents of content/common/common.sb are implicitly included here. ***

 ; Enable full access to given directory if needed.
 (if (param-defined? permitted-dir)
     (begin
       (allow file-read-metadata )
       (allow file-read* file-write* (subpath (param permitted-dir)))))
	;;
	;; Copyright (c) 2011 The Chromium Authors. All rights reserved.
	;; Use of this source code is governed by a BSD-style license that can be
	;; found in the LICENSE file.
	;;
	; This is the Sandbox configuration file used for safeguarding the utility
	; process which is used for performing sandboxed operations that need to touch
	; the filesystem like decoding theme images and unpacking extensions.
	;
	; This configuration locks everything down, except access to one configurable
	; directory. This is different from other sandbox configuration files where
	; file system access is entireley restricted.

	; * The contents of content/common/common.sb are implicitly included here. *

	; Enable full access to given directory if needed.
	(if (param-defined? permitted-dir)
	(begin
	(allow file-read-metadata )
	(allow file-read* file-write* (subpath (param permitted-dir)))))