LadybirdBrowser/ladybird
1
1
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2024-12-26 20:55:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

Userland: Remove a bunch of unveil calls on /sys/kernel/processes

Browse Source 
These are not needed anymore since the introduction of the new
get_root_session_id syscall.
This commit is contained in:
Liav A 2023-01-13 01:02:26 +02:00 committed by Andreas Kling
parent 16b6e644d7
commit e241b47fee
Notes: sideshowbarker 2024-07-17 01:46:13 +09:00 
Author: https://github.com/supercomputer7
Commit: https://github.com/SerenityOS/serenity/commit/e241b47fee
Pull-request: https://github.com/SerenityOS/serenity/pull/16985
Reviewed-by: https://github.com/awesomekling
25 changed files with 0 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Userland/Applets/Audio/main.cpp
View File

@ -237,7 +237,6 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
Config::pledge_domain("AudioApplet");
TRY(Core::System::unveil("/tmp/session/%sid/portal/audio", "rw"));
TRY(Core::System::unveil("/res", "r"));
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil(nullptr, nullptr));
auto window = TRY(GUI::Window::try_create());

1
Userland/Applications/3DFileViewer/main.cpp
View File

@ -370,7 +370,6 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
TRY(Core::System::pledge("stdio thread recvfd sendfd rpath unix prot_exec"));
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/filesystemaccess", "rw"));
TRY(Core::System::unveil("/home/anon/Documents/3D Models", "r"));
TRY(Core::System::unveil("/res", "r"));

1
Userland/Applications/Browser/main.cpp
View File

@ -88,7 +88,6 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
if (!Browser::g_webdriver_content_ipc_path.is_empty())
specified_urls.empend("about:blank");
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/filesystemaccess", "rw"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/filesystemaccess", "rw"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/image", "rw"));

1
Userland/Applications/Help/main.cpp
View File

@ -23,7 +23,6 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
TRY(Core::System::pledge("stdio recvfd sendfd rpath unix"));
auto app = TRY(GUI::Application::try_create(arguments));
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil("/res", "r"));
// We specifically don't want to load this path from a library, as that can be hijacked with LD_PRELOAD.
TRY(Core::System::unveil("/usr/share/man", "r"));

1
Userland/Applications/HexEditor/main.cpp
View File

@ -43,7 +43,6 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
return GUI::Window::CloseRequestDecision::StayOpen;
};
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/filesystemaccess", "rw"));
TRY(Core::System::unveil("/res", "r"));
TRY(Core::System::unveil(nullptr, nullptr));

1
Userland/Applications/Magnifier/main.cpp
View File

@ -47,7 +47,6 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
TRY(Desktop::Launcher::seal_allowlist());
Config::pledge_domain("Magnifier");
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/filesystemaccess", "rw"));
TRY(Core::System::unveil("/res", "r"));
TRY(Core::System::unveil(nullptr, nullptr));

1
Userland/Applications/Mail/main.cpp
View File

@ -24,7 +24,6 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
Config::pledge_domain("Mail");
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil("/res", "r"));
TRY(Core::System::unveil("/etc", "r"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/webcontent", "rw"));

1
Userland/Applications/NetworkSettings/main.cpp
View File

@ -22,7 +22,6 @@ ErrorOr<int> serenity_main(Main::Arguments args)
TRY(Core::System::unveil("/bin/NetworkServer", "x"));
TRY(Core::System::unveil("/etc/Network.ini", "rwc"));
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil("/sys/kernel/net/adapters", "r"));
TRY(Core::System::unveil("/res", "r"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/clipboard", "rw"));

1
Userland/Applications/PDFViewer/main.cpp
View File

@ -34,7 +34,6 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
TRY(Core::System::pledge("stdio recvfd sendfd rpath unix"));
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/filesystemaccess", "rw"));
TRY(Core::System::unveil("/res", "r"));
TRY(Core::System::unveil(nullptr, nullptr));

1
Userland/Applications/PixelPaint/main.cpp
View File

@ -31,7 +31,6 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
args_parser.add_positional_argument(image_file, "Image file to open", "path", Core::ArgsParser::Required::No);
args_parser.parse(arguments);
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil("/res", "r"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/clipboard", "rw"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/filesystemaccess", "rw"));

1
Userland/Applications/Spreadsheet/main.cpp
View File

@ -44,7 +44,6 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
}
}
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/filesystemaccess", "rw"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/webcontent", "rw"));
TRY(Core::System::unveil("/etc", "r"));

1
Userland/Applications/Terminal/main.cpp
View File

@ -441,7 +441,6 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
terminal->set_logical_focus(!is_preempted);
};
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil("/res", "r"));
TRY(Core::System::unveil("/bin", "r"));
TRY(Core::System::unveil("/proc", "r"));

1
Userland/Applications/TextEditor/main.cpp
View File

@ -31,7 +31,6 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
parser.add_positional_argument(file_to_edit, "File to edit, with optional starting line and column number", "file[:line[:column]]", Core::ArgsParser::Required::No);
parser.parse(arguments);
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil("/res", "r"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/launch", "rw"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/webcontent", "rw"));

1
Userland/Applications/ThemeEditor/main.cpp
View File

@ -39,7 +39,6 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
path = Core::File::absolute_path(file_to_edit);
TRY(Core::System::pledge("stdio recvfd sendfd thread rpath unix"));
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/filesystemaccess", "rw"));
TRY(Core::System::unveil("/res", "r"));
TRY(Core::System::unveil(nullptr, nullptr));

1
Userland/Applications/Welcome/main.cpp
View File

@ -19,7 +19,6 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
Config::pledge_domain("SystemServer");
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/webcontent", "rw"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/filesystemaccess", "rw"));
TRY(Core::System::unveil("/res", "r"));

1
Userland/Demos/Eyes/main.cpp
View File

@ -40,7 +40,6 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
auto app = TRY(GUI::Application::try_create(arguments));
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/launch", "rw"));
TRY(Core::System::unveil("/res", "r"));
TRY(Core::System::unveil(nullptr, nullptr));

1
Userland/Demos/WidgetGallery/main.cpp
View File

@ -17,7 +17,6 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
TRY(Core::System::pledge("stdio recvfd sendfd rpath unix thread"));
auto app = TRY(GUI::Application::try_create(arguments, Core::EventLoop::MakeInspectable::Yes));
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/filesystemaccess", "rw"));
TRY(Core::System::unveil("/res", "r"));
TRY(Core::System::unveil("/etc/FileIconProvider.ini", "r"));

1
Userland/DevTools/GMLPlayground/main.cpp
View File

@ -67,7 +67,6 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
TRY(Core::System::pledge("stdio thread recvfd sendfd cpath rpath wpath unix"));
auto app = TRY(GUI::Application::try_create(arguments));
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil("/res", "r"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/launch", "rw"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/filesystemaccess", "rw"));

1
Userland/Games/Chess/main.cpp
View File

@ -36,7 +36,6 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
auto window = TRY(GUI::Window::try_create());
auto widget = TRY(window->set_main_widget<ChessWidget>());
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil("/res", "r"));
TRY(Core::System::unveil("/bin/ChessEngine", "x"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/launch", "rw"));

1
Userland/Services/LoginServer/main.cpp
View File

@ -70,7 +70,6 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
TRY(Core::System::unveil("/etc/shadow", "r"));
TRY(Core::System::unveil("/etc/group", "r"));
TRY(Core::System::unveil("/bin/SystemServer", "x"));
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil("/res", "r"));
TRY(Core::System::unveil(nullptr, nullptr));

1
Userland/Services/SpiceAgent/main.cpp
View File

@ -18,7 +18,6 @@ ErrorOr<int> serenity_main(Main::Arguments)
TRY(Core::System::pledge("unix rpath wpath stdio sendfd recvfd"));
TRY(Core::System::unveil(SPICE_DEVICE, "rw"sv));
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/clipboard", "rw"));
TRY(Core::System::unveil(nullptr, nullptr));

1
Userland/Services/WebContent/main.cpp
View File

@ -32,7 +32,6 @@ ErrorOr<int> serenity_main(Main::Arguments)
if (Core::File::exists(webdriver_socket_path))
TRY(Core::System::unveil(webdriver_socket_path, "rw"sv));
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil("/res", "r"));
TRY(Core::System::unveil("/etc/timezone", "r"));
TRY(Core::System::unveil("/usr/lib", "r"));

1
Userland/Services/WebDriver/main.cpp
View File

@ -100,7 +100,6 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
TRY(Core::System::unveil("/bin/headless-browser", "rx"));
TRY(Core::System::unveil("/etc/timezone", "r"));
TRY(Core::System::unveil("/res/icons", "r"));
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil(webdriver_socket_path, "rwc"sv));
TRY(Core::System::unveil(nullptr, nullptr));

1
Userland/Utilities/aplay.cpp
View File

@ -35,7 +35,6 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
args_parser.add_option(show_sample_progress, "Show playback progress in samples", "sample-progress", 's');
args_parser.parse(arguments);
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil("/tmp/session/%sid/portal/audio", "rw"));
TRY(Core::System::unveil(Core::File::absolute_path(path), "r"sv));
TRY(Core::System::unveil(nullptr, nullptr));

1
Userland/Utilities/logout.cpp
View File

@ -12,7 +12,6 @@
ErrorOr<int> serenity_main(Main::Arguments)
{
TRY(Core::System::pledge("stdio proc rpath"));
TRY(Core::System::unveil("/sys/kernel/processes", "r"));
TRY(Core::System::unveil("/etc/passwd", "r"));
TRY(Core::System::unveil(nullptr, nullptr));