<rdar://problem/8348990> / <http://webkit.org/b/46633> Make it possible to disable...
authormrowe@apple.com <mrowe@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 27 Sep 2010 22:10:10 +0000 (22:10 +0000)
committermrowe@apple.com <mrowe@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 27 Sep 2010 22:10:10 +0000 (22:10 +0000)
web process via runtime flag.

Patch by Ivan Krstić <ike@apple.com> on 2010-09-27
Reviewed by Mark Rowe.

Enable sandboxing of the web process only if the DisableSandbox user default is not set for the
web process.

* WebProcess/mac/WebProcessMainMac.mm:
(WebKit::WebProcessMain):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@68429 268f45cc-cd09-0410-ab3c-d52691b4dbfc

WebKit2/ChangeLog
WebKit2/WebProcess/mac/WebProcessMainMac.mm

index ac5e6d2..46bd81b 100644 (file)
@@ -1,3 +1,16 @@
+2010-09-27  Ivan Krstić  <ike@apple.com>
+
+        Reviewed by Mark Rowe.
+
+        <rdar://problem/8348990> / <http://webkit.org/b/46633> Make it possible to disable sandboxing of
+        web process via runtime flag.
+
+        Enable sandboxing of the web process only if the DisableSandbox user default is not set for the
+        web process.
+
+        * WebProcess/mac/WebProcessMainMac.mm:
+        (WebKit::WebProcessMain):
+
 2010-09-27  Anders Carlsson  <andersca@apple.com>
 
         Reviewed by Adam Roben.
index a5ca4f8..c26a888 100644 (file)
@@ -60,15 +60,19 @@ int WebProcessMain(const CommandLine& commandLine)
     NSAutoreleasePool *pool = [[NSAutoreleasePool alloc] init];
 
 #if ENABLE(WEB_PROCESS_SANDBOX)
-    char* errorBuf;
-    const char* frameworkPath = [[[[NSBundle bundleForClass:[WKView class]] bundlePath] stringByDeletingLastPathComponent] UTF8String];
-    const char* profilePath = [[[NSBundle mainBundle] pathForResource:@"com.apple.WebProcess" ofType:@"sb"] UTF8String];
-    const char* const sandboxParam[] = { "webkit2_framework_path", frameworkPath, NULL };
-
-    if (sandbox_init_with_parameters(profilePath, SANDBOX_NAMED_EXTERNAL, sandboxParam, &errorBuf)) {
-        fprintf(stderr, "WebProcess: couldn't initialize sandbox profile [%s] with framework path [%s]: %s\n", profilePath, frameworkPath, errorBuf);
-        exit(EX_NOPERM);
-    }
+    if (![[NSUserDefaults standardUserDefaults] boolForKey:@"DisableSandbox"]) {
+        char* errorBuf;
+        const char* frameworkPath = [[[[NSBundle bundleForClass:[WKView class]] bundlePath] stringByDeletingLastPathComponent] UTF8String];
+        const char* profilePath = [[[NSBundle mainBundle] pathForResource:@"com.apple.WebProcess" ofType:@"sb"] UTF8String];
+        const char* const sandboxParam[] = { "webkit2_framework_path", frameworkPath, NULL };
+
+        if (sandbox_init_with_parameters(profilePath, SANDBOX_NAMED_EXTERNAL, sandboxParam, &errorBuf)) {
+            fprintf(stderr, "WebProcess: couldn't initialize sandbox profile [%s] with framework path [%s]: %s\n", profilePath, frameworkPath, errorBuf);
+            exit(EX_NOPERM);
+        }
+    } else
+        fprintf(stderr, "Bypassing sandbox due to DisableSandbox user default.\n");
+
 #endif
 
     String serviceName = commandLine["servicename"];