

      1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
      2 /* This Source Code Form is subject to the terms of the Mozilla Public
      3 * License, v. 2.0. If a copy of the MPL was not distributed with this
      4 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
      5 
      6 #ifndef mozilla_SandboxPolicyUtility_h
      7 #define mozilla_SandboxPolicyUtility_h
      8 
namespace mozilla {

// Seatbelt (macOS sandbox) profile for Utility processes. The launcher (not
// shown in this file) hands this text to the sandbox; the profile text itself
// is runtime behaviour, so only these C++ comments document it.
//
// The profile is default-deny: anything not explicitly allowed is refused.
// Parameters the caller is expected to supply, all as strings:
//   SHOULD_LOG            "TRUE" logs every denied operation; any other value
//                         attaches (with no-log) to each deny rule, silencing
//                         sandbox-violation logging.
//   APP_PATH              directory that may be read and mapped executable
//                         (the application bundle, judging by the name).
//   APP_BINARY_PATH       second such directory, same permissions.
//   CRASH_PORT            optional Mach global-name the process may look up
//                         (crash reporter port); the rule is only emitted when
//                         the parameter is actually a string.
//   IS_ROSETTA_TRANSLATED "TRUE" additionally allows mapping code from
//                         /private/var/db/oah (presumably the Rosetta
//                         translation cache -- confirm against Apple docs).
//
// Review notes:
//  - SHOULD_LOG and IS_ROSETTA_TRANSLATED are compared with string=? without
//    the string? guard that CRASH_PORT gets, so the caller must always pass
//    them; NOTE(review): confirm the launcher never omits either.
//  - process-info*, nvram* and file-map-executable are denied explicitly
//    because (deny default) does not cover them. file-map-executable is then
//    re-allowed only under /System/Library, /usr/lib, the two app paths and
//    (under Rosetta) the translation cache, so arbitrary files cannot be
//    mapped as code.
//  - Only pidinfo/setcontrol process-info on self and signals to self are
//    permitted; other processes are not visible or signalable.
//  - (allow sysctl-read) is unrestricted, i.e. every sysctl name is readable.
//    NOTE(review): if the set of names the utility process needs is known,
//    narrowing this would reduce information exposure.
//  - APP_PATH / APP_BINARY_PATH are trusted as given; the profile does not
//    validate them, so the executable allow-list is only as tight as the
//    paths the launcher supplies.
//  - The launchservicesd mach-lookup carries no rationale here; TODO confirm
//    why a utility process needs it.
static const char SandboxPolicyUtility[] = R"SANDBOX_LITERAL(
 (version 1)

 (define should-log (param "SHOULD_LOG"))
 (define app-path (param "APP_PATH"))
 (define app-binary-path (param "APP_BINARY_PATH"))
 (define crashPort (param "CRASH_PORT"))
 (define isRosettaTranslated (param "IS_ROSETTA_TRANSLATED"))

 (define (moz-deny feature)
   (if (string=? should-log "TRUE")
     (deny feature)
     (deny feature (with no-log))))

 (moz-deny default)
 ; These are not included in (deny default)
 (moz-deny process-info*)
 (moz-deny nvram*)
 (moz-deny file-map-executable)

 ; Needed for things like getpriority()/setpriority()/pthread_setname()
 (allow process-info-pidinfo process-info-setcontrol (target self))

 (if (string=? isRosettaTranslated "TRUE")
   (allow file-map-executable (subpath "/private/var/db/oah")))

 (allow file-map-executable file-read*
   (subpath "/System/Library")
   (subpath "/usr/lib")
   (subpath app-path)
   (subpath app-binary-path))

 (if (string? crashPort)
   (allow mach-lookup (global-name crashPort)))

 (allow signal (target self))
 (allow sysctl-read)
 (allow file-read*
   (literal "/dev/random")
   (literal "/dev/urandom")
   (subpath "/usr/share/icu"))

 ; Timezone
 (allow file-read*
   (subpath "/private/var/db/timezone")
   (subpath "/usr/share/zoneinfo")
   (subpath "/usr/share/zoneinfo.default")
   (literal "/private/etc/localtime"))

 (allow mach-lookup
   (global-name "com.apple.coreservices.launchservicesd"))
)SANDBOX_LITERAL";

// Additional rule for the AudioDecoder utility that uses Apple's media
// framework: it needs to look up the AudioComponentRegistrar Mach service
// (bug 1565575). Named "Addend" because it is meant to be appended to
// SandboxPolicyUtility rather than used on its own -- it has no (version 1)
// header and no deny rules; the concatenation happens in the caller
// (presumably, not visible here).
static const char SandboxPolicyUtilityMediaServiceAppleMediaAddend[] =
   R"SANDBOX_LITERAL(
 ; For Utility AudioDecoder AppleMedia codecs (bug 1565575)
 (allow mach-lookup (global-name "com.apple.audio.AudioComponentRegistrar"))
)SANDBOX_LITERAL";

}  // namespace mozilla
     71 
     72 #endif  // mozilla_SandboxPolicyUtility_h