SandboxPrefBridge.cpp (2082B)
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this file,
 * You can obtain one at http://mozilla.org/MPL/2.0/. */

#include "Sandbox.h"

#include "mozilla/Preferences.h"
#include "mozilla/SandboxSettings.h"
#include "mozilla/dom/ContentChild.h"
#include "mozilla/dom/ContentParent.h"  // for FILE_REMOTE_TYPE

namespace mozilla {

/**
 * Collects the sandbox parameters for the current content process.
 *
 * The result carries:
 *  - mLevel: the value of GetEffectiveContentSandboxLevel();
 *  - mBrokerFd: a descriptor cloned from aBroker when one is supplied
 *    (otherwise it stays at -1 from the default constructor);
 *  - mFileProcess: whether this process's remote type equals
 *    FILE_REMOTE_TYPE;
 *  - mSyscallWhitelist: the integers parsed from the comma-separated pref
 *    "security.sandbox.content.syscall_whitelist".
 *
 * @param aBroker  Optional file descriptor for the filesystem broker.
 * @return The populated parameter set, by value.
 */
/* static */ ContentProcessSandboxParams
ContentProcessSandboxParams::ForThisProcess(
    const Maybe<ipc::FileDescriptor>& aBroker) {
  ContentProcessSandboxParams result;
  result.mLevel = GetEffectiveContentSandboxLevel();

  if (aBroker.isSome()) {
    // The raw descriptor is taken out of the cloned handle with release()
    // and stored in the params; what closes it later is not visible here.
    auto clonedHandle = aBroker->ClonePlatformHandle();
    result.mBrokerFd = clonedHandle.release();
    // A negative broker fd means "allow direct filesystem access". If the
    // parent sent a broker, a failed clone must never silently fall back to
    // that mode, so crash (in release builds too) rather than continue.
    MOZ_RELEASE_ASSERT(result.mBrokerFd >= 0);
  }
  // (Without a broker, mBrokerFd keeps the -1 set by the default ctor.)

  // NOTE(review): the singleton is dereferenced without a null check;
  // presumably this only runs inside a content process where it exists.
  // Confirm against the callers.
  auto* contentChild = dom::ContentChild::GetSingleton();
  result.mFileProcess = contentChild->GetRemoteType() == FILE_REMOTE_TYPE;

  // Pref-supplied syscall numbers. Presumably these extend what the content
  // sandbox policy permits; the consumer of mSyscallWhitelist is not in
  // this file. Any integer that parses is accepted as-is. There is no range
  // or sign check here, so this pref should be treated as security-sensitive
  // configuration.
  nsAutoCString prefValue;
  nsresult rv = Preferences::GetCString(
      "security.sandbox.content.syscall_whitelist", prefValue);
  if (NS_FAILED(rv)) {
    return result;
  }

  for (const nsACString& token : prefValue.Split(',')) {
    nsresult parseRv;
    int syscallNr = PromiseFlatCString(token).ToInteger(&parseRv);
    if (NS_FAILED(parseRv)) {
      // Entries that do not parse as an integer are dropped silently.
      continue;
    }
    result.mSyscallWhitelist.push_back(syscallNr);
  }

  return result;
}

/**
 * Collects the sandbox parameters for the current socket process.
 *
 * When aBroker is present, its platform handle is cloned into mBroker and
 * the clone is release-asserted to be valid. mLevel is then set from
 * GetEffectiveSocketProcessSandboxLevel().
 *
 * @param aBroker  Optional file descriptor for the filesystem broker.
 * @return The populated parameter set, by value.
 */
/* static */ SocketProcessSandboxParams
SocketProcessSandboxParams::ForThisProcess(
    const Maybe<ipc::FileDescriptor>& aBroker) {
  SocketProcessSandboxParams params;

  if (aBroker.isSome()) {
    params.mBroker = aBroker.value().ClonePlatformHandle();
    // A broker was supplied, so an invalid clone is fatal rather than
    // leaving mBroker in its default state (presumably "no broker").
    MOZ_RELEASE_ASSERT(params.mBroker);
  }

  params.mLevel = GetEffectiveSocketProcessSandboxLevel();
  return params;
}

}  // namespace mozilla