Closed ujpv closed 7 months ago
It's possible to imagine a situation where CEF is delivered as something like a plugin that can be replaced independently of the executable file. If it's acceptable, I could try to suggest a PR
It sounds like you're requesting Chromium code changes. If this is an actual problem that exists for you then I suggest opening an issue at https://issues.chromium.org/issues for discussion with the Chromium devs (with the goal of finding a general-purpose solution for Chromium embedders).
Is your feature request related to a problem? Please describe. The sandbox profiles contain the list of directories allowed to read or write. For instance for the GPU process it's common.sb + gpu.sb. In particular common.sb contains:
bundle-path
here is the value that is provided in runtime. It's the path of the bundle from that the main browser process is started. It comes from NSBundle::bundlePath. Reading any other than directory specified in the profiles is forbidden.It's possible to imagine a situation where CEF is delivered as something like a plugin that can be replaced independently of the executable file. It may be placed outside the main bundle. That makes impossible to use the sandboxing in such configuration. Note: The case with windows is not considered here(sandbox library must be linked to the executable). For linux I don't know such limitations, but I didn't have such need.
Describe the solution you'd like I'm asking to discuss possibility of patching common.sb to extend the list with something like
Of course, this
cef-path
must be forwarded to this script.Describe alternatives you've considered The only alternative I see is to strictly adhere to the bundle structure where CEF is inside the main app bundle. In some cases it might be problematic.
Additional context If it's acceptable, I could try to suggest a PR