Integrate the MacOS sandbox into an executable Firefox application
Mar 02, '11 07:30:01AM • Contributed by: Lutzifer
Mar 02, '11 07:30:01AM • Contributed by: Lutzifer
Following up on the ideas of this previous hint, there is also a possibility to make an application which starts with the sandbox already activated, so there is no need to run a shell script every time you need the sandbox.
This is how to do that:
Here is a script that automates necessary modifications (which you can download from here).
[crarko adds: I haven't tested this one. I've mirrored the script download here.]
This is how to do that:
- Make a copy of your Firefox.app and rename it to FirefoxSandbox.app
- Right-Click on FirefoxSandbox.app and choose 'Show Package Contents.'
- Take the sandbox definition from the hint referenced above and save it as 'sandbox' in the Contents/MacOS subfolder of the package. Replace all the references to 'Firefox.app' within that file with 'FirefoxSandbox.app.'
- Create a file called 'firefoxSandbox' in the same Contents/MacOS folder and make it executable.
- The contents of the 'firefoxSandbox' file are (just paste in the following):
#!/bin/sh sandbox-exec -f /Applications/FirefoxSandbox.app/Contents/MacOS/sandbox /Applications/FirefoxSandbox.app/Contents/MacOS/firefox-bin
- In the 'info.plist' file in Contents/MacOS, replace
with
<key>CFBundleExecutable</key> <string>firefox-bin</string>
<key>CFBundleExecutable</key> <string>FirefoxSandbox</string>
Here is a script that automates necessary modifications (which you can download from here).
#!/bin/sh # make a copy of firefox cp -R /Applications/Firefox.app/ /Applications/FirefoxSandbox.app/ # Copy the sandbox definition into the Application cp sandbox /Applications/FirefoxSandbox.app/Contents/MacOS/sandbox # Copy the sandbox-script into the Application cp firefoxSandbox /Applications/FirefoxSandbox.app/Contents/MacOS/firefoxSandbox # Make the sandbox script executable chmod u+x /Applications/FirefoxSandbox.app/Contents/MacOS/firefoxSandbox # Modify the info.plist file mv /Applications/FirefoxSandbox.app/Contents/info.plist /Applications/FirefoxSandbox.app/Contents/info.plist.old cat /Applications/FirefoxSandbox.app/Contents/info.plist.old | sed s/firefox-bin/firefoxSandbox/ > /Applications/FirefoxSandbox.app/Contents/info.plist
[crarko adds: I haven't tested this one. I've mirrored the script download here.]
•
[5,723 views]
