Need to disable FakeSYSVSHM when sandboxing is not enabled
[WebKit-https.git] / Source / WebKit2 / PluginProcess / mac / PluginProcessShim.mm
index 0c4b7fca260b23625d76d0aeb2dbd7198b9278d2..d83a74f965b59b7b4fbcc312ec0ad468c578f230 100644 (file)
 #include <sys/ipc.h>
 #include <sys/mman.h>
 
+#undef __APPLE_API_PRIVATE
+#include <sandbox.h>
+
+#ifndef _SANDBOX_PRIVATE_H_
+enum sandbox_filter_type {
+        SANDBOX_FILTER_NONE,
+};
+extern "C" int sandbox_check(pid_t pid, const char *operation, enum sandbox_filter_type type, ...);
+#endif
+
 namespace WebKit {
 
 extern "C" void WebKitPluginProcessShimInitialize(const PluginProcessShimCallbacks& callbacks);
@@ -178,8 +188,11 @@ static Boolean shim_disabled(void)
 
         if (keyExistsAndHasValidFormat && prefValue)
             isFakeSHMDisabled = true;
+        else if (sandbox_check(getpid(), NULL, SANDBOX_FILTER_NONE) == 1)
+            isFakeSHMDisabled = false;  // Sandboxed
         else
-            isFakeSHMDisabled = false;
+            isFakeSHMDisabled = true;   // Not Sandboxed
+
     });
 
     return isFakeSHMDisabled;