Problem with trace mode in custom installation
Clemens Lang
cal at macports.org
Tue Aug 19 16:20:54 PDT 2014
Hi,
> There's a buffer somewhere that holds the sandbox definition string,
> which contains $prefix a couple of times. I figure that's the one that's
> actually overflowing, but I'd have to check.
In your case, I think this was a simple off-by-one, should be fixed in
https://trac.macports.org/changeset/124145.
> That code should really be rewritten to accept arbitrary sizes – last
> time I've hit that I was lazy and just increased the buffer size :/
Taking a look at *that* part of the tracelib code was a good idea, though.
Turns out generally allowing access to /usr will also allow access to
/usr/local, and I didn't even notice before. Fixed (and deleted the messy
code that did it) in
https://trac.macports.org/changeset/124146
Also, added /Library/Frameworks to the deny list of the sandbox, since
that directory causes some problems.
--
Clemens Lang
More information about the macports-dev
mailing list