beenull/ladybird
1
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2024-11-25 09:00:22 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 7

Userland: Tighten promises by removing 'proc' where it isn't used

Browse source 
This is a partial revert of commit 7af5eef. After 97d15e9, the 'proc'
promise is not needed for operations using getsid().

This also fixes launching several applications in which 7af5eef added
the 'proc' promise only in the second call to pledge().
This commit is contained in:
Timothy Flynn 2022-10-03 09:32:18 -04:00 committed by Linus Groh
parent 0455af4441
commit 25e0ab3ee4
Notes: sideshowbarker 2024-07-17 06:23:40 +09:00 
Author: https://github.com/trflynn89
Commit: https://github.com/SerenityOS/serenity/commit/25e0ab3ee4
Pull-request: https://github.com/SerenityOS/serenity/pull/15456
24 changed files with 24 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Userland/Applets/Audio/main.cpp
View file

@ -237,7 +237,7 @@ private:
ErrorOr<int> serenity_main(Main::Arguments arguments)
{
TRY(Core::System::pledge("stdio recvfd sendfd rpath wpath cpath unix thread proc"));
TRY(Core::System::pledge("stdio recvfd sendfd rpath wpath cpath unix thread"));
auto app = TRY(GUI::Application::try_create(arguments));
Config::pledge_domain("AudioApplet");

2
Userland/Applets/ClipboardHistory/main.cpp
View file

@ -17,7 +17,7 @@
ErrorOr<int> serenity_main(Main::Arguments arguments)
{
TRY(Core::System::pledge("stdio recvfd sendfd rpath unix proc"));
TRY(Core::System::pledge("stdio recvfd sendfd rpath unix"));
auto app = TRY(GUI::Application::try_create(arguments));
Config::pledge_domain("ClipboardHistory");

2
Userland/Applications/3DFileViewer/main.cpp
View file

@ -358,7 +358,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
{
auto app = TRY(GUI::Application::try_create(arguments));
TRY(Core::System::pledge("stdio thread recvfd sendfd rpath unix prot_exec proc"));
TRY(Core::System::pledge("stdio thread recvfd sendfd rpath unix prot_exec"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/filesystemaccess", "rw"));
TRY(Core::System::unveil("/home/anon/Documents/3D Models", "r"));

2
Userland/Applications/Help/main.cpp
View file

@ -28,7 +28,7 @@ static String parse_input(StringView input)
ErrorOr<int> serenity_main(Main::Arguments arguments)
{
TRY(Core::System::pledge("stdio recvfd sendfd rpath unix proc"));
TRY(Core::System::pledge("stdio recvfd sendfd rpath unix"));
auto app = TRY(GUI::Application::try_create(arguments));
TRY(Core::System::unveil("/proc/all", "r"));

2
Userland/Applications/HexEditor/main.cpp
View file

@ -20,7 +20,7 @@
ErrorOr<int> serenity_main(Main::Arguments arguments)
{
TRY(Core::System::pledge("stdio recvfd sendfd rpath unix cpath wpath thread proc"));
TRY(Core::System::pledge("stdio recvfd sendfd rpath unix cpath wpath thread"));
auto app = TRY(GUI::Application::try_create(arguments));

2
Userland/Applications/Magnifier/main.cpp
View file

@ -37,7 +37,7 @@ static ErrorOr<ByteBuffer> dump_bitmap(RefPtr<Gfx::Bitmap> bitmap, AK::StringVie
ErrorOr<int> serenity_main(Main::Arguments arguments)
{
TRY(Core::System::pledge("stdio cpath rpath recvfd sendfd unix proc"));
TRY(Core::System::pledge("stdio cpath rpath recvfd sendfd unix"));
auto app = TRY(GUI::Application::try_create(arguments));
TRY(Core::System::unveil("/tmp/session/%sid/portal/filesystemaccess", "rw"));

2
Userland/Applications/Mail/main.cpp
View file

@ -18,7 +18,7 @@
ErrorOr<int> serenity_main(Main::Arguments arguments)
{
TRY(Core::System::pledge("stdio recvfd sendfd rpath unix inet proc"));
TRY(Core::System::pledge("stdio recvfd sendfd rpath unix inet"));
auto app = TRY(GUI::Application::try_create(arguments));

2
Userland/Applications/PDFViewer/main.cpp
View file

@ -32,7 +32,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
window->set_title("PDF Viewer");
window->resize(640, 400);
TRY(Core::System::pledge("stdio recvfd sendfd rpath unix proc"));
TRY(Core::System::pledge("stdio recvfd sendfd rpath unix"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/filesystemaccess", "rw"));
TRY(Core::System::unveil("/res", "r"));

2
Userland/Applications/PixelPaint/main.cpp
View file

@ -21,7 +21,7 @@
ErrorOr<int> serenity_main(Main::Arguments arguments)
{
TRY(Core::System::pledge("stdio thread recvfd sendfd rpath unix wpath cpath proc"));
TRY(Core::System::pledge("stdio thread recvfd sendfd rpath unix wpath cpath"));
auto app = TRY(GUI::Application::try_create(arguments));
Config::pledge_domain("PixelPaint");

2
Userland/Applications/Spreadsheet/main.cpp
View file

@ -26,7 +26,7 @@
ErrorOr<int> serenity_main(Main::Arguments arguments)
{
TRY(Core::System::pledge("stdio recvfd sendfd rpath fattr unix cpath wpath thread proc"));
TRY(Core::System::pledge("stdio recvfd sendfd rpath fattr unix cpath wpath thread"));
auto app = TRY(GUI::Application::try_create(arguments));

2
Userland/Applications/TextEditor/main.cpp
View file

@ -18,7 +18,7 @@ using namespace TextEditor;
ErrorOr<int> serenity_main(Main::Arguments arguments)
{
TRY(Core::System::pledge("stdio recvfd sendfd thread rpath cpath wpath unix proc"));
TRY(Core::System::pledge("stdio recvfd sendfd thread rpath cpath wpath unix"));
auto app = TRY(GUI::Application::try_create(arguments));

2
Userland/Applications/ThemeEditor/main.cpp
View file

@ -38,7 +38,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
if (!file_to_edit.is_empty())
path = Core::File::absolute_path(file_to_edit);
TRY(Core::System::pledge("stdio recvfd sendfd thread rpath unix proc"));
TRY(Core::System::pledge("stdio recvfd sendfd thread rpath unix"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/filesystemaccess", "rw"));
TRY(Core::System::unveil("/res", "r"));
TRY(Core::System::unveil(nullptr, nullptr));

2
Userland/Demos/Eyes/main.cpp
View file

@ -36,7 +36,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
args_parser.add_option(hide_window_frame, "Hide window frame", "hide-window", 'h');
args_parser.parse(arguments);
TRY(Core::System::pledge("stdio recvfd sendfd rpath unix cpath wpath thread proc"));
TRY(Core::System::pledge("stdio recvfd sendfd rpath unix cpath wpath thread"));
auto app = TRY(GUI::Application::try_create(arguments));

2
Userland/Demos/WidgetGallery/main.cpp
View file

@ -14,7 +14,7 @@
ErrorOr<int> serenity_main(Main::Arguments arguments)
{
TRY(Core::System::pledge("stdio recvfd sendfd rpath unix thread proc"));
TRY(Core::System::pledge("stdio recvfd sendfd rpath unix thread"));
auto app = TRY(GUI::Application::try_create(arguments, Core::EventLoop::MakeInspectable::Yes));
TRY(Core::System::unveil("/tmp/session/%sid/portal/filesystemaccess", "rw"));

2
Userland/Games/2048/main.cpp
View file

@ -28,7 +28,7 @@
ErrorOr<int> serenity_main(Main::Arguments arguments)
{
TRY(Core::System::pledge("stdio rpath recvfd sendfd unix proc"));
TRY(Core::System::pledge("stdio rpath recvfd sendfd unix"));
srand(time(nullptr));

2
Userland/Games/FlappyBug/main.cpp
View file

@ -28,7 +28,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
TRY(Desktop::Launcher::add_allowed_handler_with_only_specific_urls("/bin/Help", { URL::create_with_file_scheme("/usr/share/man/man6/FlappyBug.md") }));
TRY(Desktop::Launcher::seal_allowlist());
TRY(Core::System::pledge("stdio rpath recvfd sendfd proc"));
TRY(Core::System::pledge("stdio rpath recvfd sendfd"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/launch", "rw"));
TRY(Core::System::unveil("/res", "r"));

2
Userland/Games/GameOfLife/main.cpp
View file

@ -34,7 +34,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
TRY(Desktop::Launcher::add_allowed_handler_with_only_specific_urls("/bin/Help", { URL::create_with_file_scheme("/usr/share/man/man6/GameOfLife.md") }));
TRY(Desktop::Launcher::seal_allowlist());
TRY(Core::System::pledge("stdio rpath recvfd sendfd proc"));
TRY(Core::System::pledge("stdio rpath recvfd sendfd"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/launch", "rw"));
TRY(Core::System::unveil("/res", "r"));

2
Userland/Games/Hearts/main.cpp
View file

@ -40,7 +40,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
TRY(Desktop::Launcher::add_allowed_handler_with_only_specific_urls("/bin/Help", { URL::create_with_file_scheme("/usr/share/man/man6/Hearts.md") }));
TRY(Desktop::Launcher::seal_allowlist());
TRY(Core::System::pledge("stdio recvfd sendfd rpath proc"));
TRY(Core::System::pledge("stdio recvfd sendfd rpath"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/launch", "rw"));
TRY(Core::System::unveil("/res", "r"));

2
Userland/Games/MasterWord/main.cpp
View file

@ -30,7 +30,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
TRY(Desktop::Launcher::add_allowed_handler_with_only_specific_urls("/bin/Help", { URL::create_with_file_scheme("/usr/share/man/man6/MasterWord.md") }));
TRY(Desktop::Launcher::seal_allowlist());
TRY(Core::System::pledge("stdio rpath recvfd sendfd proc"));
TRY(Core::System::pledge("stdio rpath recvfd sendfd"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/launch", "rw"));
TRY(Core::System::unveil("/res", "r"));

2
Userland/Games/Minesweeper/main.cpp
View file

@ -36,7 +36,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
TRY(Desktop::Launcher::add_allowed_handler_with_only_specific_urls("/bin/Help", { URL::create_with_file_scheme("/usr/share/man/man6/Minesweeper.md") }));
TRY(Desktop::Launcher::seal_allowlist());
TRY(Core::System::pledge("stdio rpath recvfd sendfd proc"));
TRY(Core::System::pledge("stdio rpath recvfd sendfd"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/launch", "rw"));
TRY(Core::System::unveil("/res", "r"));

2
Userland/Games/Snake/main.cpp
View file

@ -31,7 +31,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
TRY(Desktop::Launcher::add_allowed_handler_with_only_specific_urls("/bin/Help", { URL::create_with_file_scheme("/usr/share/man/man6/Snake.md") }));
TRY(Desktop::Launcher::seal_allowlist());
TRY(Core::System::pledge("stdio rpath recvfd sendfd proc"));
TRY(Core::System::pledge("stdio rpath recvfd sendfd"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/launch", "rw"));
TRY(Core::System::unveil("/res", "r"));

2
Userland/Services/InspectorServer/main.cpp
View file

@ -17,7 +17,7 @@ ErrorOr<int> serenity_main(Main::Arguments)
{
Core::EventLoop event_loop;
TRY(Core::System::pledge("stdio unix accept rpath proc"));
TRY(Core::System::pledge("stdio unix accept rpath"));
auto server = TRY(IPC::MultiServer<InspectorServer::ConnectionFromClient>::try_create("/tmp/session/%sid/portal/inspector"));

2
Userland/Services/WebContent/main.cpp
View file

@ -22,7 +22,7 @@
ErrorOr<int> serenity_main(Main::Arguments)
{
Core::EventLoop event_loop;
TRY(Core::System::pledge("stdio recvfd sendfd accept unix rpath proc"));
TRY(Core::System::pledge("stdio recvfd sendfd accept unix rpath"));
TRY(Core::System::unveil("/proc/all", "r"));
TRY(Core::System::unveil("/res", "r"));
TRY(Core::System::unveil("/etc/timezone", "r"));

2
Userland/Utilities/aplay.cpp
View file

@ -22,7 +22,7 @@ constexpr size_t LOAD_CHUNK_SIZE = 128 * KiB;
ErrorOr<int> serenity_main(Main::Arguments arguments)
{
TRY(Core::System::pledge("stdio rpath sendfd unix thread proc"));
TRY(Core::System::pledge("stdio rpath sendfd unix thread"));
StringView path {};
bool should_loop = false;