Google Git
Sign in
chromium / chromium / src / d18e0892dcabb921e226354f0c50c95a8b15f4b1 / . / content / renderer / renderer_v2.sb
blob: 895ce5e25e12ad9e30b72c0773a5f1668f56815d [file] [log] [blame]
; Copyright 2017 The Chromium Authors. All rights reserved.
; Use of this source code is governed by a BSD-style license that can be
; found in the LICENSE file.
(version 1)
; The top of this will be the V2 common profile.
; Helper function to check if a param is set to true.
(define (param-true? str) (string=? (param str) "TRUE"))
; Helper function to determine if a parameter is defined or not.
(define (param-defined? str) (string? (param str)))
; Define constants for all of the parameter strings passed in.
(define browser-pid "BROWSER_PID")
(define bundle-id "BUNDLE_ID")
(define bundle-path "BUNDLE_PATH")
(define component-path "COMPONENT_PATH")
(define current-pid "CURRENT_PID")
(define disable-sandbox-denial-logging "DISABLE_SANDBOX_DENIAL_LOGGING")
(define enable-logging "ENABLE_LOGGING")
(define executable-path "EXECUTABLE_PATH")
(define homedir-as-literal "USER_HOMEDIR_AS_LITERAL")
(define log-file-path "LOG_FILE_PATH")
(define os-version (string->number (param "OS_VERSION")))
; Backwards compatibility for 10.9
(if (not (defined? 'path))
(define path literal))
(if (not (defined? 'iokit-registry-entry-class))
(define iokit-registry-entry-class iokit-user-client-class))
; --enable-sandbox-logging causes the sandbox to log failures to the syslog.
(if (param-true? disable-sandbox-denial-logging)
(deny default (with no-log))
(deny default))
(if (param-true? enable-logging) (debug deny))
; Allow sending signals to self - https://crbug.com/20370
(allow signal (target self))
; Consumes a subpath and appends it to the user's homedir path.
(define (user-homedir-path subpath)
(string-append (param homedir-as-literal) subpath))
; Allow logging for all processes.
(allow file-write* (path (param log-file-path)))
; Allow component builds to work.
(if (param-defined? component-path)
(allow file-read* (subpath (param component-path))))
(allow process-exec (path (param executable-path)))
(allow file-read* (path (param executable-path)))
(allow mach-lookup (global-name (string-append (param bundle-id)
".rohitfork."
(param browser-pid))))
; Allow realpath() to work.
(allow file-read-metadata (subpath "/"))
; Allow cf prefs to work.
(allow user-preference-read)
; All processes can read the bundle contents.
(allow file-read* (subpath (param bundle-path)))
; End of common.sb?
(allow file-ioctl file-read-data file-write-data (path "/dev/dtracehelper"))
; File reads.
; Reads from the home directory.
(allow file-read-data (path (user-homedir-path "/.CFUserTextEncoding")))
; Reads of /dev devices.
(allow file-read-data
(path "/dev/autofs_nowait")
(path "/dev/fd")
(path "/dev/null")
(path "/dev/urandom"))
(allow file-write-data (path "/dev/null"))
; Reads from /usr.
(allow file-read-data
(subpath "/usr/lib")
(subpath "/usr/share/icu")
(subpath "/usr/share/locale"))
(if (= os-version 1013)
(allow file-read-data (subpath "/usr/share/zoneinfo.default"))
(allow file-read-data (subpath "/usr/share/zoneinfo")))
; Reads from /Library.
(allow file-read-data (subpath "/Library/Fonts"))
; Reads from /System.
(allow file-read-data
(path "/System/Library/CoreServices/CoreTypes.bundle/Contents/Library/AppExceptions.bundle/Exceptions.plist")
(path "/System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/Exceptions.plist")
(path "/System/Library/CoreServices/SystemVersion.plist")
(path "/System/Library/Preferences/Logging/Subsystems/com.apple.SkyLight.plist")
(subpath "/System/Library/ColorSync/Profiles")
(subpath "/System/Library/CoreServices/SystemAppearance.bundle")
(subpath "/System/Library/CoreServices/SystemVersion.bundle")
(subpath "/System/Library/Fonts")
(subpath "/System/Library/Frameworks")
(subpath "/System/Library/PrivateFrameworks"))
; IOKit
(allow iokit-open
(iokit-registry-entry-class "IOSurfaceRootUserClient")
(iokit-registry-entry-class "RootDomainUserClient"))
; POSIX IPC
(allow ipc-posix-shm-read-data
(ipc-posix-name "apple.cfprefs.317580v1")
(ipc-posix-name "apple.cfprefs.daemonv1")
(ipc-posix-name "apple.shm.notification_center"))
; mach IPC
(allow mach-lookup
(global-name "com.apple.distributed_notifications@Uv3")
(global-name "com.apple.fonts")
(global-name "com.apple.logd")
(global-name "com.apple.lsd.mapdb")
(global-name "com.apple.system.logger")
(global-name "com.apple.system.notification_center")
(global-name "com.apple.system.opendirectoryd.libinfo")
(global-name "com.apple.windowserver.active"))
; MacOS dropped FontServer to replace it with the (XPC based) com.apple.fonts,
; but 10.9 through 10.11 use FontServer.
(if (< os-version 1012)
(allow mach-lookup (global-name "com.apple.FontServer")))
; sysctl
(if (= os-version 1009)
(allow sysctl-read)
; else
(allow sysctl-read
(sysctl-name "hw.activecpu")
(sysctl-name "hw.busfrequency_compat")
(sysctl-name "hw.byteorder")
(sysctl-name "hw.cachelinesize_compat")
(sysctl-name "hw.cpufrequency_compat")
(sysctl-name "hw.cputype")
(sysctl-name "hw.machine")
(sysctl-name "hw.ncpu")
(sysctl-name "hw.pagesize_compat")
(sysctl-name "hw.physicalcpu_max")
(sysctl-name "hw.tbfrequency_compat")
(sysctl-name "hw.vectorunit")
(sysctl-name "kern.hostname")
(sysctl-name "kern.maxfilesperproc")
(sysctl-name "kern.osrelease")
(sysctl-name "kern.ostype")
(sysctl-name "kern.osversion")
(sysctl-name (string-append "kern.proc.pid." (param current-pid)))
(sysctl-name "kern.usrstack64")
(sysctl-name "kern.version")
(sysctl-name "sysctl.proc_cputype")))