admin/brew
1
0
Fork 0
Code Issues Packages Projects Releases 6 Wiki Activity

Merge pull request #17759 from Homebrew/revert-17719-sandbox_process_signals

Browse Source
This commit is contained in:
Rylan Polster 2024-07-15 12:52:44 -04:00 committed by GitHub
commit 3db7d01978
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 0 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Library/Homebrew/sandbox.rb
View File

@ -302,7 +302,6 @@ class Sandbox
(literal "/bin/ps") (literal "/bin/ps")
(with no-sandbox) (with no-sandbox)
) ; allow certain processes running without sandbox ) ; allow certain processes running without sandbox
(deny signal (target others)) ; deny sending signals to other processes
(allow default) ; allow everything else (allow default) ; allow everything else
ERB ERB

18
Library/Homebrew/test/sandbox_spec.rb
View File

@ -129,22 +129,4 @@ RSpec.describe Sandbox, :needs_macos do
end end
end end
end end
describe "disallow sending signal to other processes" do
# we have to spawn a process, otherwise kill doesn't try to send a signal if the process doesn't exist
let(:pid) do
pid = spawn("sleep 1000")
sleep 0.1 # Ensure the process has started
pid
end
after do
Process.kill("KILL", pid)
Process.wait(pid)
end
it "sandbox stops signal to other processes" do
expect { sandbox.exec "kill", "-SIGTERM", pid.to_s }.to raise_error(ErrorDuringExecution)
end
end
end end