1 /* -*- Mode: C++; tab-width: 20; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* This Source Code Form is subject to the terms of the Mozilla Public
3 * License, v. 2.0. If a copy of the MPL was not distributed with this
4 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6 #ifndef nsSandboxViolationSink_h_
7 #define nsSandboxViolationSink_h_
11 // Class for tracking sandbox violations. Currently it just logs them to
12 // stdout and the system console. In the future it may do more.
14 // What makes this possible is the fact that Apple' sandboxd calls
15 // notify_post("com.apple.sandbox.violation.*") whenever it's notified by the
16 // Sandbox kernel extension of a sandbox violation. We register to receive
17 // these notifications. But the notifications are empty, and are sent for
18 // every violation in every process. So we need to do more to get only "our"
19 // violations, and to find out what kind of violation they were. See the
20 // implementation of nsSandboxViolationSink::ViolationHandler().
22 #define SANDBOX_VIOLATION_QUEUE_NAME "org.mozilla.sandbox.violation.queue"
23 #define SANDBOX_VIOLATION_NOTIFICATION_NAME "com.apple.sandbox.violation.*"
25 class nsSandboxViolationSink
{
31 static void ViolationHandler();
32 static int mNotifyToken
;
33 static uint64_t mLastMsgReceived
;
36 #endif // nsSandboxViolationSink_h_