mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-24 05:11:16 +00:00
Bug 1225023: Allow Flash Player to create Adobe\Flash Player and Macromedia\Flash Player directories. r=bbondy
This commit is contained in:
parent
57c0314350
commit
53c9d7290d
@ -74,7 +74,8 @@ AddSandboxAllowedFile(vector<std::wstring>& aAllowedFiles, nsIProperties* aDirSv
|
||||
static void
|
||||
AddSandboxAllowedFiles(int32_t aSandboxLevel,
|
||||
vector<std::wstring>& aAllowedFilesRead,
|
||||
vector<std::wstring>& aAllowedFilesReadWrite)
|
||||
vector<std::wstring>& aAllowedFilesReadWrite,
|
||||
vector<std::wstring>& aAllowedDirectories)
|
||||
{
|
||||
if (aSandboxLevel < 2) {
|
||||
return;
|
||||
@ -95,12 +96,21 @@ AddSandboxAllowedFiles(int32_t aSandboxLevel,
|
||||
}
|
||||
|
||||
// Level 2 and above is now using low integrity, so we need to give write
|
||||
// access to the Flash directories.
|
||||
// access to the Flash directories. Access also has to be given to create
|
||||
// the parent directories as they may not exist.
|
||||
// This should be made Flash specific (Bug 1171396).
|
||||
AddSandboxAllowedFile(aAllowedFilesReadWrite, dirSvc, NS_WIN_APPDATA_DIR,
|
||||
NS_LITERAL_STRING("\\Macromedia\\Flash Player\\*"));
|
||||
AddSandboxAllowedFile(aAllowedDirectories, dirSvc, NS_WIN_APPDATA_DIR,
|
||||
NS_LITERAL_STRING("\\Macromedia\\Flash Player"));
|
||||
AddSandboxAllowedFile(aAllowedDirectories, dirSvc, NS_WIN_APPDATA_DIR,
|
||||
NS_LITERAL_STRING("\\Macromedia"));
|
||||
AddSandboxAllowedFile(aAllowedFilesReadWrite, dirSvc, NS_WIN_APPDATA_DIR,
|
||||
NS_LITERAL_STRING("\\Adobe\\Flash Player\\*"));
|
||||
AddSandboxAllowedFile(aAllowedDirectories, dirSvc, NS_WIN_APPDATA_DIR,
|
||||
NS_LITERAL_STRING("\\Adobe\\Flash Player"));
|
||||
AddSandboxAllowedFile(aAllowedDirectories, dirSvc, NS_WIN_APPDATA_DIR,
|
||||
NS_LITERAL_STRING("\\Adobe"));
|
||||
|
||||
// Write access to the Temp directory is needed in some mochitest crash
|
||||
// tests.
|
||||
@ -117,7 +127,7 @@ PluginProcessParent::Launch(mozilla::UniquePtr<LaunchCompleteTask> aLaunchComple
|
||||
#if defined(XP_WIN) && defined(MOZ_SANDBOX)
|
||||
mSandboxLevel = aSandboxLevel;
|
||||
AddSandboxAllowedFiles(mSandboxLevel, mAllowedFilesRead,
|
||||
mAllowedFilesReadWrite);
|
||||
mAllowedFilesReadWrite, mAllowedDirectories);
|
||||
#else
|
||||
if (aSandboxLevel != 0) {
|
||||
MOZ_ASSERT(false,
|
||||
|
@ -949,6 +949,12 @@ GeckoChildProcessHost::PerformAsyncLaunchInternal(std::vector<std::string>& aExt
|
||||
++it) {
|
||||
mSandboxBroker.AllowReadWriteFile(it->c_str());
|
||||
}
|
||||
|
||||
for (auto it = mAllowedDirectories.begin();
|
||||
it != mAllowedDirectories.end();
|
||||
++it) {
|
||||
mSandboxBroker.AllowDirectory(it->c_str());
|
||||
}
|
||||
}
|
||||
#endif // XP_WIN && MOZ_SANDBOX
|
||||
|
||||
|
@ -160,6 +160,7 @@ protected:
|
||||
SandboxBroker mSandboxBroker;
|
||||
std::vector<std::wstring> mAllowedFilesRead;
|
||||
std::vector<std::wstring> mAllowedFilesReadWrite;
|
||||
std::vector<std::wstring> mAllowedDirectories;
|
||||
bool mEnableSandboxLogging;
|
||||
int32_t mSandboxLevel;
|
||||
#endif
|
||||
|
Loading…
Reference in New Issue
Block a user