[Webkit-unassigned] [Bug 188568] [GTK][WPE] Implement subprocess sandboxing
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Oct 9 13:26:13 PDT 2018
https://bugs.webkit.org/show_bug.cgi?id=188568
Zan Dobersek <zan at falconsigh.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |zan at falconsigh.net
--- Comment #93 from Zan Dobersek <zan at falconsigh.net> ---
Comment on attachment 351370
--> https://bugs.webkit.org/attachment.cgi?id=351370
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=351370&action=review
> Source/WebKit/UIProcess/Launcher/ProcessLauncher.h:74
> +#if PLATFORM(GTK) || PLATFORM(WPE)
> + Vector<String> extraSandboxPaths;
> + bool sandboxEnabled { false };
> +#endif
Ideally we would reuse extraInitializationData, but that can be addressed later.
> Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp:103
> + m_permissions = permissions;
Use WTFMove() here.
> Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp:131
> + proxyArgs.appendVector(m_permissions);
> +
> +
> + int proxyFd = argsToFd(proxyArgs, "dbus-proxy");
Extra vertical whitespace.
> Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp:181
> + char* proxySocketTemplate = g_build_filename(appRunDir, "dbus-proxy-XXXXXX", nullptr);
Can this filename already be wrapped in GUniquePtr<char> here?
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20181009/751a6a30/attachment.html>
More information about the webkit-unassigned
mailing list