Cleaned up com.apple.WebProcess.sb
authormitz@apple.com <mitz@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 5 Jan 2011 17:50:20 +0000 (17:50 +0000)
committermitz@apple.com <mitz@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 5 Jan 2011 17:50:20 +0000 (17:50 +0000)
Rubber-stamped by Darin Adler.

* WebProcess/com.apple.WebProcess.sb: Moved the closing parentheses of multi-line blocks to
their own lines. Changed to use WebKit-standard 4-space indentation.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@75075 268f45cc-cd09-0410-ab3c-d52691b4dbfc

WebKit2/ChangeLog
WebKit2/WebProcess/com.apple.WebProcess.sb

index 30c9f42..899eee2 100644 (file)
@@ -1,3 +1,12 @@
+2011-01-05  Dan Bernstein  <mitz@apple.com>
+
+        Rubber-stamped by Darin Adler.
+
+        Cleaned up com.apple.WebProcess.sb
+
+        * WebProcess/com.apple.WebProcess.sb: Moved the closing parentheses of multi-line blocks to
+        their own lines. Changed to use WebKit-standard 4-space indentation.
+
 2011-01-05  Alexey Proskuryakov  <ap@apple.com>
 
         Reviewed by Sam Weinig.
index 3d143fc..0432bd5 100644 (file)
@@ -6,46 +6,49 @@
 
 ;; Read-only preferences and data
 (allow file-read*
-       ;; Basic system paths
-       (subpath "/Library/Fonts")
-       (subpath "/Library/Frameworks")
-       (subpath "/Library/Keychains")
-       (subpath "/private/var/db/mds")
-       (regex #"^/private/etc/(hosts|group|passwd)$")
-
-       ;; Plugins
-       (subpath "/Library/Internet Plug-Ins")
-       (subpath (string-append (param "_HOME") "/Library/Internet Plug-Ins"))
-
-       ;; System and user preferences
-       (literal "/Library/Preferences/.GlobalPreferences.plist")
-       (literal "/Library/Preferences/com.apple.security.plist")
-       (literal (string-append (param "_HOME") "/Library/Preferences/.GlobalPreferences.plist"))
-       (regex (string-append "^" (param "_HOME") "/Library/Preferences/ByHost/\.GlobalPreferences\."))
-       (literal (string-append (param "_HOME") "/Library/Preferences/com.apple.ATS.plist"))
-       (literal (string-append (param "_HOME") "/Library/Preferences/com.apple.HIToolbox.plist"))
-       (literal (string-append (param "_HOME") "/Library/Preferences/com.apple.LaunchServices.plist"))
-       (literal (string-append (param "_HOME") "/Library/Preferences/com.apple.WebFoundation.plist"))
-       (literal (string-append (param "_HOME") "/Library/Preferences/com.apple.security.plist"))
-       (literal (string-append (param "_HOME") "/Library/Preferences/com.apple.security.revocation.plist"))
-       (subpath (string-append (param "_HOME") "/Library/Keychains"))
-
-       ;; On-disk WebKit2 framework location, to account for debug installations
-       ;; outside of /System/Library/Frameworks
-       (subpath (param "WEBKIT2_FRAMEWORK_DIR"))
-
-       ;; Extensions from UIProcess
-       (extension))
+   ;; Basic system paths
+   (subpath "/Library/Fonts")
+   (subpath "/Library/Frameworks")
+   (subpath "/Library/Keychains")
+   (subpath "/private/var/db/mds")
+   (regex #"^/private/etc/(hosts|group|passwd)$")
+
+   ;; Plugins
+   (subpath "/Library/Internet Plug-Ins")
+   (subpath (string-append (param "_HOME") "/Library/Internet Plug-Ins"))
+
+   ;; System and user preferences
+   (literal "/Library/Preferences/.GlobalPreferences.plist")
+   (literal "/Library/Preferences/com.apple.security.plist")
+   (literal (string-append (param "_HOME") "/Library/Preferences/.GlobalPreferences.plist"))
+   (regex (string-append "^" (param "_HOME") "/Library/Preferences/ByHost/\.GlobalPreferences\."))
+   (literal (string-append (param "_HOME") "/Library/Preferences/com.apple.ATS.plist"))
+   (literal (string-append (param "_HOME") "/Library/Preferences/com.apple.HIToolbox.plist"))
+   (literal (string-append (param "_HOME") "/Library/Preferences/com.apple.LaunchServices.plist"))
+   (literal (string-append (param "_HOME") "/Library/Preferences/com.apple.WebFoundation.plist"))
+   (literal (string-append (param "_HOME") "/Library/Preferences/com.apple.security.plist"))
+   (literal (string-append (param "_HOME") "/Library/Preferences/com.apple.security.revocation.plist"))
+   (subpath (string-append (param "_HOME") "/Library/Keychains"))
+
+   ;; On-disk WebKit2 framework location, to account for debug installations
+   ;; outside of /System/Library/Frameworks
+   (subpath (param "WEBKIT2_FRAMEWORK_DIR"))
+
+   ;; Extensions from UIProcess
+   (extension)
+)
 
 (allow file-write*
-       ;; Extensions from UIProcess
-       (extension))
+   ;; Extensions from UIProcess
+   (extension)
+)
 
 ;; Writable preferences and temporary files
 (allow file*
-       (subpath (string-append (param "_HOME") "/Library/Caches/com.apple.WebProcess"))
-       (regex (string-append "^" (param "_HOME") "/Library/Preferences/ByHost/com\.apple\.HIToolbox\."))
-       (regex (string-append "^" (param "_HOME") "/Library/Preferences/com\.apple\.WebProcess\.")))
+   (subpath (string-append (param "_HOME") "/Library/Caches/com.apple.WebProcess"))
+   (regex (string-append "^" (param "_HOME") "/Library/Preferences/ByHost/com\.apple\.HIToolbox\."))
+   (regex (string-append "^" (param "_HOME") "/Library/Preferences/com\.apple\.WebProcess\."))
+)
 
 ;; Darwin temporary files and caches, if present
 (if (positive? (string-length (param "DARWIN_USER_CACHE_DIR")))
 
 ;; FIXME: overly permissive since we can't pre-enumerate the client
 ;; classes for graphics cards
-(allow iokit-open)
-       ;;(iokit-user-client-class "IOHIDParamUserClient")
-       ;;(iokit-user-client-class "RootDomainUserClient"))
+(allow iokit-open
+   ;;(iokit-user-client-class "IOHIDParamUserClient")
+   ;;(iokit-user-client-class "RootDomainUserClient")
+)
 
 ;; Various services required by AppKit and other frameworks
 (allow mach-lookup
-       (global-name "com.apple.CoreServices.coreservicesd")
-       (global-name "com.apple.DiskArbitration.diskarbitrationd")
-       (global-name "com.apple.FileCoordination")
-       (global-name "com.apple.FontObjectsServer")
-       (global-name "com.apple.FontServer")
-       (global-name "com.apple.SecurityServer")
-       (global-name "com.apple.SystemConfiguration.configd")
-       (global-name "com.apple.audio.VDCAssistant")
-       (global-name "com.apple.audio.audiohald")
-       (global-name "com.apple.audio.coreaudiod")
-       (global-name "com.apple.cookied")
-       (global-name "com.apple.cvmsServ")
-       (global-name "com.apple.distributed_notifications.2")
-       (global-name "com.apple.dock.server")
-       (global-name "com.apple.ocspd")
-       (global-name "com.apple.pasteboard.1")
-       (global-name "com.apple.window_proxies")
-       (global-name "com.apple.windowserver.active")
-       (global-name-regex #"^com\.apple\.WebKit\.WebProcess-")
-       (global-name-regex #"^com\.apple\.qtkitserver\."))
+   (global-name "com.apple.CoreServices.coreservicesd")
+   (global-name "com.apple.DiskArbitration.diskarbitrationd")
+   (global-name "com.apple.FileCoordination")
+   (global-name "com.apple.FontObjectsServer")
+   (global-name "com.apple.FontServer")
+   (global-name "com.apple.SecurityServer")
+   (global-name "com.apple.SystemConfiguration.configd")
+   (global-name "com.apple.audio.VDCAssistant")
+   (global-name "com.apple.audio.audiohald")
+   (global-name "com.apple.audio.coreaudiod")
+   (global-name "com.apple.cookied")
+   (global-name "com.apple.cvmsServ")
+   (global-name "com.apple.distributed_notifications.2")
+   (global-name "com.apple.dock.server")
+   (global-name "com.apple.ocspd")
+   (global-name "com.apple.pasteboard.1")
+   (global-name "com.apple.window_proxies")
+   (global-name "com.apple.windowserver.active")
+   (global-name-regex #"^com\.apple\.WebKit\.WebProcess-")
+   (global-name-regex #"^com\.apple\.qtkitserver\.")
+)
 
 ;; FIXME: These rules are required until <rdar://problem/8448410> is addressed. See <rdar://problem/8349882> for discussion.
 (allow network-outbound)
 (deny network-outbound (regex ""))
 (deny network-outbound (local ip))
 (allow network-outbound
-       ;; Local mDNSResponder for DNS, arbitrary outbound TCP
-       (literal "/private/var/run/mDNSResponder")
-       (remote tcp))
+   ;; Local mDNSResponder for DNS, arbitrary outbound TCP
+   (literal "/private/var/run/mDNSResponder")
+   (remote tcp)
+)
 
 ;; FIXME: These rules are required until plug-ins are moved out of the web process.
 (allow file-read*
-       (regex (string-append "^" (param "_HOME") "/Library/Preferences/ByHost/com\.apple\.ist\."))
-       (literal (string-append (param "_HOME") "/Library/Preferences/edu.mit.Kerberos"))
-       (literal "/Library/Preferences/edu.mit.Kerberos"))
+   (regex (string-append "^" (param "_HOME") "/Library/Preferences/ByHost/com\.apple\.ist\."))
+   (literal (string-append (param "_HOME") "/Library/Preferences/edu.mit.Kerberos"))
+   (literal "/Library/Preferences/edu.mit.Kerberos")
+)
+
 (allow mach-lookup
-       (global-name "org.h5l.kcm")
-       (global-name "com.apple.tsm.uiserver")
-       (global-name-regex #"^com\.apple\.ist"))
+   (global-name "org.h5l.kcm")
+   (global-name "com.apple.tsm.uiserver")
+   (global-name-regex #"^com\.apple\.ist")
+)
+
 (allow network-outbound (remote ip))
 
 ;; These rules are required while QTKitServer is being launched directly via posix_spawn (<rdar://problem/6912494>).