Bug 1278528: Don't try to initialize the sandbox TargetServices when …

…we are not sandboxed. r=jimm MozReview-Commit-ID: EpXy9LYXwQL
mozilla-spidermonkey · Jun 7, 2016 · 044cb27 · 044cb27
1 parent 9936af6
commit 044cb27
Show file tree

Hide file tree

Showing 4 changed files with 7 additions and 11 deletions.
diff --git a/browser/app/nsBrowserApp.cpp b/browser/app/nsBrowserApp.cpp
@@ -336,7 +336,7 @@ int main(int argc, char* argv[], char* envp[])
 #if defined(XP_WIN) && defined(MOZ_SANDBOX)
     // We need to initialize the sandbox TargetServices before InitXPCOMGlue
     // because we might need the sandbox broker to give access to some files.
-    if (!sandboxing::GetInitializedTargetServices()) {
+    if (IsSandboxedProcess() && !sandboxing::GetInitializedTargetServices()) {
       Output("Failed to initialize the sandbox target services.");
       return 255;
     }

diff --git a/ipc/contentproc/plugin-container.cpp b/ipc/contentproc/plugin-container.cpp
@@ -77,12 +77,10 @@ InitializeBinder(void *aDummy) {
 #endif
 
 #if defined(XP_WIN) && defined(MOZ_SANDBOX)
-static bool gIsSandboxEnabled = false;
-
 class WinSandboxStarter : public mozilla::gmp::SandboxStarter {
 public:
     virtual bool Start(const char *aLibPath) override {
-        if (gIsSandboxEnabled) {
+        if (IsSandboxedProcess()) {
             mozilla::sandboxing::LowerSandbox();
         }
         return true;
@@ -155,15 +153,12 @@ content_process_main(int argc, char* argv[])
     bool isNuwa = false;
     for (int i = 1; i < argc; i++) {
         isNuwa |= strcmp(argv[i], "-nuwa") == 0;
-#if defined(XP_WIN) && defined(MOZ_SANDBOX)
-        gIsSandboxEnabled |= strcmp(argv[i], "-sandbox") == 0;
-#endif
     }
 
     XREChildData childData;
 
 #if defined(XP_WIN) && defined(MOZ_SANDBOX)
-    if (gIsSandboxEnabled) {
+    if (IsSandboxedProcess()) {
         childData.sandboxTargetServices =
             mozilla::sandboxing::GetInitializedTargetServices();
         if (!childData.sandboxTargetServices) {

diff --git a/ipc/glue/GeckoChildProcessHost.cpp b/ipc/glue/GeckoChildProcessHost.cpp
@@ -1038,7 +1038,6 @@ GeckoChildProcessHost::PerformAsyncLaunchInternal(std::vector<std::string>& aExt
         // and just crash there right away. Should this change in the future then we
         // should also handle the error here.
         mSandboxBroker.SetSecurityLevelForContentProcess(mSandboxLevel);
-        cmdLine.AppendLooseValue(UTF8ToWide("-sandbox"));
         shouldSandboxCurrentProcess = true;
         AddContentSandboxAllowedFiles(mSandboxLevel, mAllowedFilesRead);
       }
@@ -1051,7 +1050,6 @@ GeckoChildProcessHost::PerformAsyncLaunchInternal(std::vector<std::string>& aExt
         if (!ok) {
           return false;
         }
-        cmdLine.AppendLooseValue(UTF8ToWide("-sandbox"));
         shouldSandboxCurrentProcess = true;
       }
       break;
@@ -1071,7 +1069,6 @@ GeckoChildProcessHost::PerformAsyncLaunchInternal(std::vector<std::string>& aExt
         if (!ok) {
           return false;
         }
-        cmdLine.AppendLooseValue(UTF8ToWide("-sandbox"));
         shouldSandboxCurrentProcess = true;
       }
       break;

diff --git a/security/sandbox/win/SandboxInitialization.h b/security/sandbox/win/SandboxInitialization.h
@@ -12,6 +12,10 @@ class BrokerServices;
 class TargetServices;
 }
 
+// Things that use this file will probably want access to the IsSandboxedProcess
+// function defined in one of the Chromium sandbox cc files.
+extern "C" bool IsSandboxedProcess();
+
 namespace mozilla {
 // Note the Chromium code just uses a bare sandbox namespace, which makes using
 // sandbox for our namespace painful.