Bug 1386502 - Whitelist paths added via pref for files opened in the content process during some tests. r=jimm

--HG--
extra : rebase_source : a34c7e1d445154843e8efd0146824dff0bdfda9b
This commit is contained in:
Bob Owen 2017-08-07 17:42:00 +01:00
parent 5ed8327922
commit 00eaf28579
3 changed files with 36 additions and 10 deletions

View File

@ -323,6 +323,32 @@ GeckoChildProcessHost::PrepareLaunch()
mSandboxLevel = GetEffectiveContentSandboxLevel();
mEnableSandboxLogging =
Preferences::GetBool("security.sandbox.logging.enabled");
// We currently have to whitelist certain paths for tests to work in some
// development configurations.
nsAutoString readPaths;
nsresult rv =
Preferences::GetString("security.sandbox.content.read_path_whitelist",
readPaths);
if (NS_SUCCEEDED(rv)) {
for (const nsAString& readPath : readPaths.Split(',')) {
nsString trimmedPath(readPath);
trimmedPath.Trim(" ", true, true);
std::wstring resolvedPath(trimmedPath.Data());
// Before resolving check if path ends with '\' as this indicates we
// want to give read access to a directory and so it needs a wildcard.
bool addWildcard = (resolvedPath.back() == L'\\');
if (!widget::WinUtils::ResolveJunctionPointsAndSymLinks(resolvedPath)) {
NS_ERROR("Failed to resolve test read policy rule.");
continue;
}
if (addWildcard) {
resolvedPath.append(L"\\*");
}
mAllowedFilesRead.push_back(resolvedPath);
}
}
}
#endif

View File

@ -310,11 +310,11 @@ class RefTest(object):
sandbox_whitelist_paths.append(options.workPath)
except AttributeError:
pass
if platform.system() == "Linux":
# Trailing slashes are needed to indicate directories on Linux
for idx, path in enumerate(sandbox_whitelist_paths):
if not path.endswith("/"):
sandbox_whitelist_paths[idx] = path + "/"
if (platform.system() == "Linux" or
platform.system() in ("Windows", "Microsoft")):
# Trailing slashes are needed to indicate directories on Linux and Windows
sandbox_whitelist_paths = map(lambda p: os.path.join(p, ""),
sandbox_whitelist_paths)
# Bug 1300355: Disable canvas cache for win7 as it uses
# too much memory and causes OOMs.

View File

@ -1813,11 +1813,11 @@ toolbar#nav-bar {
sandbox_whitelist_paths.append(options.topsrcdir)
except AttributeError:
pass
if platform.system() == "Linux":
# Trailing slashes are needed to indicate directories on Linux
for idx, path in enumerate(sandbox_whitelist_paths):
if not path.endswith("/"):
sandbox_whitelist_paths[idx] = path + "/"
if (platform.system() == "Linux" or
platform.system() in ("Windows", "Microsoft")):
# Trailing slashes are needed to indicate directories on Linux and Windows
sandbox_whitelist_paths = map(lambda p: os.path.join(p, ""),
sandbox_whitelist_paths)
# interpolate preferences
interpolation = {