Merge pull request #713 from MikeMcQuaid/ship-sandbox

Enable sandbox by default for homebrew/core

Library/Homebrew/cmd/postinstall.rb

@@ -21,12 +21,10 @@ module Homebrew
       args << "--devel"
     end
 
-    if Sandbox.available? && ARGV.sandbox?
+    Sandbox.print_sandbox_message if Sandbox.formula?(formula)
-      Sandbox.print_sandbox_message
-    end
 
     Utils.safe_fork do
-      if Sandbox.available? && ARGV.sandbox?
+      if Sandbox.formula?(formula)
         sandbox = Sandbox.new
         formula.logs.mkpath
         sandbox.record_log(formula.logs/"sandbox.postinstall.log")

Library/Homebrew/cmd/test.rb

@@ -57,12 +57,10 @@ module Homebrew
           args << "--devel"
         end
 
-        if Sandbox.available? && !ARGV.no_sandbox?
+        Sandbox.print_sandbox_message if Sandbox.test?
-          Sandbox.print_sandbox_message
-        end
 
         Utils.safe_fork do
-          if Sandbox.available? && !ARGV.no_sandbox?
+          if Sandbox.test?
             sandbox = Sandbox.new
             f.logs.mkpath
             sandbox.record_log(f.logs/"sandbox.test.log")

Library/Homebrew/formula_installer.rb

@@ -588,15 +588,13 @@ class FormulaInstaller
       #{formula.path}
     ].concat(build_argv)
 
-    if Sandbox.available? && ARGV.sandbox?
+    Sandbox.print_sandbox_message if Sandbox.formula?(formula)
-      Sandbox.print_sandbox_message
-    end
 
     Utils.safe_fork do
       # Invalidate the current sudo timestamp in case a build script calls sudo
       system "/usr/bin/sudo", "-k"
 
-      if Sandbox.available? && ARGV.sandbox?
+      if Sandbox.formula?(formula)
         sandbox = Sandbox.new
         formula.logs.mkpath
         sandbox.record_log(formula.logs/"sandbox.build.log")

Library/Homebrew/sandbox.rb

@@ -3,11 +3,24 @@ require "tempfile"
 
 class Sandbox
   SANDBOX_EXEC = "/usr/bin/sandbox-exec".freeze
+  SANDBOXED_TAPS = [
+    "homebrew/core",
+  ].freeze
 
   def self.available?
     OS.mac? && File.executable?(SANDBOX_EXEC)
   end
 
+  def self.formula?(formula)
+    return false unless available?
+    ARGV.sandbox? || SANDBOXED_TAPS.include?(formula.tap.to_s)
+  end
+
+  def self.test?
+    return false unless available?
+    !ARGV.no_sandbox?
+  end
+
   def self.print_sandbox_message
     unless @printed_sandbox_message
       ohai "Using the sandbox"

Library/Homebrew/test/test_sandbox.rb

@@ -13,6 +13,28 @@ class SandboxTest < Homebrew::TestCase
     @dir.rmtree
   end
 
+  def test_formula?
+    f = formula { url "foo-1.0" }
+    f2 = formula { url "bar-1.0" }
+    f2.stubs(:tap).returns(Tap.fetch("test/tap"))
+
+    ARGV.stubs(:sandbox?).returns true
+    assert Sandbox.formula?(f),
+      "Formulae should be sandboxed if --sandbox was passed."
+
+    ARGV.stubs(:sandbox?).returns false
+    assert Sandbox.formula?(f),
+      "Formulae should be sandboxed if in a sandboxed tap."
+    refute Sandbox.formula?(f2),
+        "Formulae should not be sandboxed if not in a sandboxed tap."
+  end
+
+  def test_test?
+    ARGV.stubs(:no_sandbox?).returns false
+    assert Sandbox.test?,
+      "Tests should be sandboxed unless --no-sandbox was passed."
+  end
+
   def test_allow_write
     @sandbox.allow_write @file
     @sandbox.exec "touch", @file