Closed Bug 1385028 Opened 7 years ago Closed 7 years ago

[mac] simplify the handling of macOS minor version in the sandbox policy

Categories

(Core :: Security: Process Sandboxing, enhancement)

Unspecified
macOS
enhancement
Not set
normal

Tracking

()

RESOLVED FIXED
mozilla56
Tracking Status
firefox56 --- fixed

People

(Reporter: Alex_Gaynor, Assigned: Alex_Gaynor)

Details

Attachments

(1 file)

Right now we pass a series of bools (really "TRUE" or "FALSE" strings) to the policy, one for each version check we need to perform.

We can just pass the version as an integer-as-a-string and use string->number. This should improve the readability of our sandbox policy.
Comment on attachment 8890984 [details]
Bug 1385028 - simplify handling of macOS minor version in the sandbox policy;

https://reviewboard.mozilla.org/r/162164/#review167492

::: security/sandbox/mac/Sandbox.mm:133
(Diff revision 1)
>  {
>    std::vector<const char *> params;
>    char *profile = NULL;
>    bool profile_needs_free = false;
> +
> +  char macOSMinor[10];

Could you make the array length be a #define? And if it was increased to 12 bytes it would be large enough to store any int32_t value.
Attachment #8890984 - Flags: review?(haftandilian) → review+
Keywords: checkin-needed
:haik DM'd me a small fix after marking it checkin needed. Update the review and now it's still checkin-needed :-)
Pushed by ryanvm@gmail.com:
https://hg.mozilla.org/integration/autoland/rev/4d7f80401751
simplify handling of macOS minor version in the sandbox policy; r=haik
Keywords: checkin-needed
Flags: needinfo?(agaynor)
Keywords: checkin-needed
Pushed by ryanvm@gmail.com:
https://hg.mozilla.org/integration/autoland/rev/53132a945541
simplify handling of macOS minor version in the sandbox policy; r=haik
Keywords: checkin-needed
https://hg.mozilla.org/mozilla-central/rev/53132a945541
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla56
You need to log in before you can comment on or make changes to this bug.