From e84ae6e2aa99ddacf3b77408bc5fb487aee93029 Mon Sep 17 00:00:00 2001 From: Paul Betts Date: Tue, 11 Oct 2016 13:00:26 -0700 Subject: [PATCH 1/3] Add a method to determine whether we're in the Apple sandbox --- .../chrome/browser/process_singleton_posix.cc | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/chromium_src/chrome/browser/process_singleton_posix.cc b/chromium_src/chrome/browser/process_singleton_posix.cc index bb999fb500cf..6bcc1f2734b7 100644 --- a/chromium_src/chrome/browser/process_singleton_posix.cc +++ b/chromium_src/chrome/browser/process_singleton_posix.cc @@ -348,6 +348,21 @@ bool CheckCookie(const base::FilePath& path, const base::FilePath& cookie) { return (cookie == ReadLink(path)); } +bool IsAppSandboxed() { +#if defined(OS_MACOSX) + // NB: There is no sane API for this, we have to just guess by + // reading tea leaves + base::FilePath home_dir; + if (!PathService.Get(base::DIR_HOME, &home_dir)) { + return false; + } + + return home_dir.value().find("Library/Containers") != std::string::npos; +#else + return false; +#endif // defined(OS_MACOSX) +} + bool ConnectSocket(ScopedSocket* socket, const base::FilePath& socket_path, const base::FilePath& cookie_path) { From 06065d1c5d3b93d7d31057f2d83874ea00de2456 Mon Sep 17 00:00:00 2001 From: Paul Betts Date: Tue, 11 Oct 2016 13:01:20 -0700 Subject: [PATCH 2/3] Instead of gating the path shortening to MAS_BUILD, figure it out at runtime --- .../chrome/browser/process_singleton_posix.cc | 40 +++++++++---------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/chromium_src/chrome/browser/process_singleton_posix.cc b/chromium_src/chrome/browser/process_singleton_posix.cc index 6bcc1f2734b7..b83e986cddc6 100644 --- a/chromium_src/chrome/browser/process_singleton_posix.cc +++ b/chromium_src/chrome/browser/process_singleton_posix.cc @@ -961,27 +961,27 @@ bool ProcessSingleton::Create() { #endif } -#if defined(MAS_BUILD) - // For Mac App Store build, the tmp dir could be too long to fit - // addr->sun_path, so we need to make it as short as possible. - base::FilePath tmp_dir; - if (!base::GetTempDir(&tmp_dir)) { - LOG(ERROR) << "Failed to get temporary directory."; - return false; + if (IsAppSandboxed()) { + // For sandboxed applications, the tmp dir could be too long to fit + // addr->sun_path, so we need to make it as short as possible. + base::FilePath tmp_dir; + if (!base::GetTempDir(&tmp_dir)) { + LOG(ERROR) << "Failed to get temporary directory."; + return false; + } + if (!socket_dir_.Set(tmp_dir.Append("S"))) { + LOG(ERROR) << "Failed to set socket directory."; + return false; + } + } else { + // Create the socket file somewhere in /tmp which is usually mounted as a + // normal filesystem. Some network filesystems (notably AFS) are screwy and + // do not support Unix domain sockets. + if (!socket_dir_.CreateUniqueTempDir()) { + LOG(ERROR) << "Failed to create socket directory."; + return false; + } } - if (!socket_dir_.Set(tmp_dir.Append("S"))) { - LOG(ERROR) << "Failed to set socket directory."; - return false; - } -#else - // Create the socket file somewhere in /tmp which is usually mounted as a - // normal filesystem. Some network filesystems (notably AFS) are screwy and - // do not support Unix domain sockets. - if (!socket_dir_.CreateUniqueTempDir()) { - LOG(ERROR) << "Failed to create socket directory."; - return false; - } -#endif // Check that the directory was created with the correct permissions. int dir_mode = 0; From 7dd1ebc734952a652883605fbf838244c82d72b2 Mon Sep 17 00:00:00 2001 From: Paul Betts Date: Tue, 11 Oct 2016 14:02:29 -0700 Subject: [PATCH 3/3] Fix oops typos --- chromium_src/chrome/browser/process_singleton_posix.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chromium_src/chrome/browser/process_singleton_posix.cc b/chromium_src/chrome/browser/process_singleton_posix.cc index b83e986cddc6..28629ac1af60 100644 --- a/chromium_src/chrome/browser/process_singleton_posix.cc +++ b/chromium_src/chrome/browser/process_singleton_posix.cc @@ -353,7 +353,7 @@ bool IsAppSandboxed() { // NB: There is no sane API for this, we have to just guess by // reading tea leaves base::FilePath home_dir; - if (!PathService.Get(base::DIR_HOME, &home_dir)) { + if (!base::PathService::Get(base::DIR_HOME, &home_dir)) { return false; }