If you're just doing this for debugging purposes, an easier route would be
to pass in the --no-sandbox flag to temporarily disable the sandbox
entirely, documented here:
http://sites.google.com/a/chromium.org/dev/developers/debugging-on-os-x
On Thu, Jul 30, 2009 at 8:00 PM, n179911 wrote:
>
> Th
Thank you all. I have a better understanding now.
I just try to log some debug info of the renderer in /tmp that may
help me understand things better.
Regards,
On Thu, Jul 30, 2009 at 7:36 PM, Jeremy Moskovich wrote:
> The easiest way would be to add a rule to renderer.sb, the language it uses
The easiest way would be to add a rule to renderer.sb, the language it uses
is undocumented but very easy to use, you can find the file in the source
tree.
May I ask why you want the renderer to be able to read/write files in /tmp?
Best regards,
Jeremy
On Thu, Jul 30, 2009 at 7:32 PM, n179911 w
I would like to change it so that the renderer can create/write file on /tmp.
Like this 'kSBXProfileNoWriteExceptTemporary' profile.
On Thu, Jul 30, 2009 at 9:43 AM, Jeremy Moskovich wrote:
> Is this just out of curiosity? Is there something specific you're trying to
> achieve?
> On Thu, Jul 30
On Thursday, July 30, 2009, n179911 wrote:
> I am trying to see what it the current setting in chromium. I can't
> find that in http://renderer.sb or when sandbox_init() is called.
As TVL said in his earlier reply, renderer.sb *is* the current
setting. We use a custom set of allow/deny rules rat
Is this just out of curiosity? Is there something specific you're trying to
achieve?
On Thu, Jul 30, 2009 at 9:32 AM, n179911 wrote:
> On Thu, Jul 30, 2009 at 9:08 AM, Jeremy Moskovich
> wrote:
> > Hi,
> > It would really help if you could provide some details on what your
> trying
> > to do.
>
On Thu, Jul 30, 2009 at 9:08 AM, Jeremy Moskovich wrote:
> Hi,
> It would really help if you could provide some details on what your trying
> to do.
> Best regards,
> Jeremy
>
>From the
>http://dev.chromium.org/developers/design-documents/sandbox/osx-sandboxing-design
It said "In the renderer, w
As the man page says, you to use one of the kSBXProfile* constants for the
profile argument, you need to change the flags to say you are using a named
profile instead of an external one.
TVL
On Thu, Jul 30, 2009 at 12:06 PM, n179911 wrote:
> Thank you. Can you please tell me how can I change th
Hi,
It would really help if you could provide some details on what your trying
to do.
Best regards,
Jeremy
On Thu, Jul 30, 2009 at 9:06 AM, n179911 wrote:
>
> Thank you. Can you please tell me how can I change the configure file
> (renderer.sb) to use
> other sandbox profile, like the one descr
Thank you. Can you please tell me how can I change the configure file
(renderer.sb) to use
other sandbox profile, like the one described in man page:
* kSBXProfileNoInternet
* kSBXProfileNoNetwork
* kSBXProfileNoWrite
* kSBXProfileNoWriteExceptTemporary
* kSBXProfilePureComputation
Those constants are pre-configured settings. The NAMED_EXTERNAL flag lets
us pass in our own config, which is the renderer.sb. Apple hasn't really
documented the file format, but if you do some searching on the web, you'll
find some documentation folks have figured out and I believe there was a
t
11 matches
Mail list logo
