[Webkit-unassigned] [Bug 193571] [GTK][WPE] Add API to add paths to sandbox
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Jan 24 07:31:28 PST 2019
https://bugs.webkit.org/show_bug.cgi?id=193571
--- Comment #28 from youenn fablet <youennf at gmail.com> ---
Comment on attachment 360011
--> https://bugs.webkit.org/attachment.cgi?id=360011
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=360011&action=review
> Source/WebKit/ChangeLog:4
> + https://bugs.webkit.org/show_bug.cgi?id=193571
Can you describe the use cases for this API?
Which folders are to be sandboxed?
> Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp:763
> + sandboxArgs.appendVector(Vector<CString>({
Do you need "({" or just one of these.
> Source/WebKit/UIProcess/WebProcessPool.h:474
> + void appendSandboxPath(const CString& path, SandboxPermission permission) { m_extraSandboxPaths.set(path, permission); };
One usually append to a vector, not a map.
I would rename it to addSandboxPath and use 'add' instead of 'set' which is slightly cheaper.
> Source/WebKit/UIProcess/WebProcessPool.h:475
> + const HashMap<CString, SandboxPermission>& sandboxPaths() { return m_extraSandboxPaths; };
Should be a const method.
> Source/WebKit/UIProcess/glib/WebProcessProxyGLib.cpp:47
> + launchOptions.extraSandboxPaths = m_processPool->sandboxPaths();
The extra sandbox paths seem specific to web processes.
Should the name be made explicit with that regards?
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20190124/5bfc5bdf/attachment.html>
More information about the webkit-unassigned
mailing list