[macruby-changes] [4488] MacRuby/trunk/sandbox.c

Revision: 4488 http://trac.macosforge.org/projects/ruby/changeset/4488 Author: lsansonetti@apple.com Date: 2010-09-01 16:21:37 -0700 (Wed, 01 Sep 2010) Log Message: ----------- Sandbox.new can now accept a custom profile string (as a scheme expression) Modified Paths: -------------- MacRuby/trunk/sandbox.c Modified: MacRuby/trunk/sandbox.c =================================================================== --- MacRuby/trunk/sandbox.c 2010-09-01 21:48:49 UTC (rev 4487) +++ MacRuby/trunk/sandbox.c 2010-09-01 23:21:37 UTC (rev 4488) @@ -1,5 +1,14 @@ +/* + * MacRuby interface to sandbox/seatbelt. + * + * This file is covered by the Ruby license. See COPYING for more details. + * + * Copyright (C) 2010, Apple Inc. All rights reserved. + */ + #include <sandbox.h> #include "ruby/macruby.h" +#include "ruby/util.h" static VALUE rb_cSandbox; @@ -17,11 +26,25 @@ return Data_Wrap_Struct(klass, NULL, NULL, sb); } +static VALUE +rb_sandbox_init(VALUE obj, SEL sel, VALUE profile) +{ + rb_sandbox_t *box; + + Data_Get_Struct(obj, rb_sandbox_t, box); + GC_WB(&box->profile, ruby_strdup(RSTRING_PTR(profile))); + box->flags = 0; + + return obj; +} + + static inline VALUE -predefined_sandbox(const char* name) +predefined_sandbox(const char *name) { VALUE obj = rb_sandbox_s_alloc(rb_cSandbox, 0); - rb_sandbox_t *box; Data_Get_Struct(obj, rb_sandbox_t, box); + rb_sandbox_t *box; + Data_Get_Struct(obj, rb_sandbox_t, box); box->profile = name; box->flags = SANDBOX_NAMED; return rb_obj_freeze(obj); @@ -60,7 +83,8 @@ static VALUE rb_sandbox_apply(VALUE self, SEL sel) { - rb_sandbox_t *box; Data_Get_Struct(self, rb_sandbox_t, box); + rb_sandbox_t *box; + Data_Get_Struct(self, rb_sandbox_t, box); char *error = NULL; if (sandbox_init(box->profile, box->flags, &error) == -1) { rb_raise(rb_eSecurityError, "Couldn't apply sandbox: `%s`", error); @@ -80,5 +104,6 @@ rb_objc_define_method(*(VALUE *)rb_cSandbox, "temporary_writes", rb_sandbox_s_temporary_writes, 0); rb_objc_define_method(*(VALUE *)rb_cSandbox, "pure_computation", rb_sandbox_s_pure_computation, 0); + rb_objc_define_method(rb_cSandbox, "initialize", rb_sandbox_init, 1); rb_objc_define_method(rb_cSandbox, "apply!", rb_sandbox_apply, 0); -} \ No newline at end of file +}