| Age | Commit message (Collapse) | Author |
|
|
We’re always using the sandbox where possible now so this is just
noise for the vast majority of our users.
|
|
We've been doing this in `brew test-bot`, for our CI and for
homebrew/core long enough that this is a reasonable default that
provides more protection to our users of non-homebrew/core taps.
|
|
This avoids build failure for `root6`.
MacPorts currently avoids the failure with a patch, as their sandbox
doesn't yet allow write access to `/dev/random` either:
https://github.com/macports/macports-ports/blob/7792b2c5655f9d2adb979434a242cc3ac60fea40/science/root6/Portfile#L73-L75
https://github.com/macports/macports-ports/blob/7792b2c5655f9d2adb979434a242cc3ac60fea40/science/root6/files/patch-disable-hsimple-macro.diff
The relevant code where `/dev/random` is opened with `O_WRONLY` is here:
https://github.com/root-project/root/blob/15673deba5a0cb73d90ae8f36d7b010f65b5e96e/interpreter/cling/lib/Utils/PlatformPosix.cpp#L63-L82
|
|
This may result in a slightly varied build but it’s generally just far
less annoying to be able to access all your e.g. shell configuration.
|
|
If we have a HOMEBREW_REPOSITORY and HOMEBREW_PREFIX mismatch (now the
default) then we can block access to the whole of HOMEBREW_REPOSITORY
rather than just the HOMEBREW_LIBRARY and `.git`.
|
|
It doesn't really need to be as tight as it is currently, certainly outside brew
you can write to here without any special privileges besides being the user,
and being so tight can cause issues on clean systems or systems where
Xcode hasn't been used before as exposed by https://github.com/Homebrew/homebrew-core/issues/4892.
Closes https://github.com/Homebrew/homebrew-core/issues/4892.
|
|
But remove some manual `.freeze`s on constants that shouldn't be
constants.
|
|
Although `sandbox-exec` is available in 10.5, it has very limited
support for the DSL of the sandbox profile file (.sb file). Therefore,
sandbox for Homebrew on 10.5 is broken.
Closes #735.
Signed-off-by: Xu Cheng <git@xuc.me>
|
|
Add a new `Sandbox.formula?` method to see if a given formula should be
sandboxed. Use the formula to check its tap against a list of
pre-approved taps where we know every formula builds under the sandbox
(currently just homebrew/core).
|
|
Simplify checking if we’re going to sandbox a test with `Sandbox.test?`.
|
|
These are never fatal and often confusing.
Fixes #683.
|
|
Also enables sandbox for --interactive and --debug use of install
and test, using automatic retention.
Closes #66.
Signed-off-by: Andrew Janke <andrew@apjanke.net>
|
|
* use syslog filter instead of grep.
* output sandbox log to stdout when verbose and failed.
* output nothing if sandbox log is empty.
Closes Homebrew/homebrew#43325.
Signed-off-by: Xu Cheng <xucheng@me.com>
|
|
Closes Homebrew/homebrew#43344.
|
|
Long term it would be nice to sandbox everything that writes to DerivedData
but it is essentially a cache directory of sorts.
The downside of allowing stuff to write there particularly is that DerivedData
is notoriously bad at getting cleaned up, so if you do a lot of Xcode-using
installations very quickly, you can chew your disk space up.
Closes Homebrew/homebrew#43276.
Signed-off-by: Dominyk Tiller <dominyktiller@gmail.com>
|
|
Closes Homebrew/homebrew#42354.
Signed-off-by: Mike McQuaid <mike@mikemcquaid.com>
|
|
Closes Homebrew/homebrew#42293.
Signed-off-by: Xu Cheng <xucheng@me.com>
|
|
Closes Homebrew/homebrew#38792.
Signed-off-by: Xu Cheng <xucheng@me.com>
|
|
1. `script` (used to fake the tty) requires write access to /dev/ptmx
and /dev/ttys*
2. sandbox profile only accepts `[0-9]` instead of `\d`.
|
|
Closes Homebrew/homebrew#38711.
Signed-off-by: Xu Cheng <xucheng@me.com>
|
|
Closes Homebrew/homebrew#38361.
Signed-off-by: Xu Cheng <xucheng@me.com>
|