Need to disable FakeSYSVSHM when sandboxing is not enabled
author commit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 23 Aug 2013 04:39:55 +0000 (04:39 +0000)
committer commit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 23 Aug 2013 04:39:55 +0000 (04:39 +0000)
https://bugs.webkit.org/show_bug.cgi?id=120182
<rdar://problem/14814461>

Patch by Simon Cooper <scooper@apple.com> on 2013-08-22
Reviewed by Alexey Proskuryakov.

When not in a sandbox do not enable the FakeSYSVSHIM. This
allows LocalConnection to work when Flash Player is run in
"Unsafe Mode".

* PluginProcess/mac/PluginProcessShim.mm:
(WebKit::shim_disabled):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@154473 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit2/ChangeLog
Source/WebKit2/PluginProcess/mac/PluginProcessShim.mm

index 4d6551415d8b15f2995a332b0b850f7e726e989d..5532b30726ea87ed072430124ca3a4d104fd4198 100644 (file)
@@ -1,3 +1,18 @@
+2013-08-22  Simon Cooper  <scooper@apple.com>
+
+        Need to disable FakeSYSVSHM when sandboxing is not enabled
+        https://bugs.webkit.org/show_bug.cgi?id=120182
+        <rdar://problem/14814461>
+
+        Reviewed by Alexey Proskuryakov.
+
+        When not in a sandbox do not enable the FakeSYSVSHIM. This
+        allows LocalConnection to work when Flash Player is run in
+        "Unsafe Mode".
+
+        * PluginProcess/mac/PluginProcessShim.mm:
+        (WebKit::shim_disabled):
+
 2013-08-22  Andy Estes  <aestes@apple.com>
 
         <https://webkit.org/b/120180> Fix issues with OTHER_LDFLAGS in various .xcconfig files
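
Review bot: The new ChangeLog entry spells the feature two ways: the title line says FakeSYSVSHM while the description says "do not enable the FakeSYSVSHIM". Use a single spelling in both places so the entry can be found under one name.
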
index 0c4b7fca260b23625d76d0aeb2dbd7198b9278d2..d83a74f965b59b7b4fbcc312ec0ad468c578f230 100644 (file)
 #include <sys/ipc.h>
 #include <sys/mman.h>
 
+#undef __APPLE_API_PRIVATE
+#include <sandbox.h>
+
+#ifndef _SANDBOX_PRIVATE_H_
+enum sandbox_filter_type {
+        SANDBOX_FILTER_NONE,
+};
+extern "C" int sandbox_check(pid_t pid, const char *operation, enum sandbox_filter_type type, ...);
+#endif
+
 namespace WebKit {
 
 extern "C" void WebKitPluginProcessShimInitialize(const PluginProcessShimCallbacks& callbacks);
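
Review bot: The added block that undefines __APPLE_API_PRIVATE, includes <sandbox.h>, and then declares sandbox_filter_type and sandbox_check by hand under #ifndef _SANDBOX_PRIVATE_H_ carries no comment explaining why any of this is needed. A hand-written prototype for a variadic function is not checked against the real definition, and the local enum lists only SANDBOX_FILTER_NONE, so its value depends on it being the first enumerator. Add a comment naming the header this mirrors and the reason for the #undef, so a later reader knows what to re-verify if the system interface changes. The enumerator is also indented eight spaces where the rest of the visible code steps by four.
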
@@ -178,8 +188,11 @@ static Boolean shim_disabled(void)
 
         if (keyExistsAndHasValidFormat && prefValue)
             isFakeSHMDisabled = true;
+        else if (sandbox_check(getpid(), NULL, SANDBOX_FILTER_NONE) == 1)
+            isFakeSHMDisabled = false;  // Sandboxed
         else
-            isFakeSHMDisabled = false;
+            isFakeSHMDisabled = true;   // Not Sandboxed
+
     });
 
     return isFakeSHMDisabled;
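
Review bot: In shim_disabled(), the new test sandbox_check(getpid(), NULL, SANDBOX_FILTER_NONE) == 1 sends every other return value to the final else, so an error return from the call would be labelled "Not Sandboxed" and set isFakeSHMDisabled = true. Either document in a comment which values the call can return with a NULL operation, or handle the case that is neither 1 nor 0 explicitly so the default on failure is a deliberate choice. The blank line added before the closing }); can also be dropped.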