1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
// Copyright 2016 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef SANDBOX_MAC_SEATBELT_H_
#define SANDBOX_MAC_SEATBELT_H_
#include <cstdint>
#include "base/macros.h"
#include "sandbox/mac/seatbelt_export.h"
namespace sandbox {
// This class exists because OS X deprecated the sandbox functions,
// and did not supply replacements that are suitable for Chrome.
// This class wraps the functions in deprecation warning supressions.
class SEATBELT_EXPORT Seatbelt {
public:
// Initializes the specified sandbox profile. Returns 0 on success, else -1
// and |errorbuf| is populated. |errorbuf| is allocated by the API and must be
// freed with FreeError().
static int Init(const char* profile, uint64_t flags, char** errorbuf);
// Initializes the specified sandbox profile and passes the parameters to the
// |profile|. |parameters| is a null terminated list containing key,value
// pairs in sequence. [key1,val1,key2,val2,nullptr]. |errorbuf| is allocated
// by the API and is set to a string description of the error. |errorbuf| must
// be freed with FreeError(). This function eturns 0 on success, else -1 and
// |errorbuf| is populated.
static int InitWithParams(const char* profile,
uint64_t flags,
const char* const parameters[],
char** errorbuf);
// Frees the |errorbuf| allocated and set by InitWithParams.
static void FreeError(char* errorbuf);
// Returns whether or not the process is currently sandboxed.
static bool IsSandboxed();
static const char* kProfileNoInternet;
static const char* kProfileNoNetwork;
static const char* kProfileNoWrite;
static const char* kProfileNoWriteExceptTemporary;
static const char* kProfilePureComputation;
private:
Seatbelt();
DISALLOW_COPY_AND_ASSIGN(Seatbelt);
};
} // sandbox
#endif // SANDBOX_MAC_SEATBELT_H_
|
