WebPlugin
authorEnrico Fracasso <enrico.fracasso@email.it>
Tue, 7 Oct 2008 17:13:35 +0000 (17:13 +0000)
committerEnrico Fracasso <enrico.fracasso@email.it>
Tue, 7 Oct 2008 17:13:35 +0000 (17:13 +0000)
fix:
* web plugin works on opera too

sandboxing:
* added AppArmor configuration
* enabled privilege separation for the web plugin: the blender player can run as a lower privileged user, xauth token is generated on the fly .

testing:
* web plugin tested on ubuntu 32/64bit, fedora and FreeBSD

Changed only cmake build script: AppArmor is enabled by default, if you want to enable privilege separation instead, you have to change the cmake variable WEBPLUGIN_SANDBOX_MODE to privsep (or none to
disable it).

Warning: source/gameengine/GamePlayer/xembed/blenderplayer-wrapper.c must be setuid root in order to change user successfully

CMakeLists.txt

index 506353628a4c43db4180bf50e63a8e108128cd49..9e615ecdfa593239f70801a97a882eca6b730903 100644 (file)
@@ -64,7 +64,7 @@ OPTION(WITH_OPENEXR           "Enable OpenEXR Support (http://www.openexr.com)"       ON)
 OPTION(WITH_FFMPEG             "Enable FFMPeg Support (http://ffmpeg.mplayerhq.hu/)"   OFF)
 OPTION(WITH_OPENAL             "Enable OpenAL Support (http://www.openal.org)"         ON)
 OPTION(WITH_OPENMP             "Enable OpenMP (has to be supported by the compiler)"   OFF)
-OPTION(WITH_WEBPLUGIN          "Enable Web Plugin (Mozilla-Unix only)"                 OFF)
+OPTION(WITH_WEBPLUGIN          "Enable Web Plugin (Unix only)"                         OFF)
 
 IF(NOT WITH_GAMEENGINE AND WITH_PLAYER)
   MESSAGE("WARNING: WITH_PLAYER needs WITH_GAMEENGINE")
@@ -428,6 +428,17 @@ SET(FTGL_INC ${FTGL}/include)
 SET(FTGL_LIB extern_ftgl)
 
 
+#-----------------------------------------------------------------------------
+# Blender WebPlugin
+
+IF(WITH_WEBPLUGIN) 
+  SET(GECKO_DIR "${CMAKE_SOURCE_DIR}/../gecko-sdk/" CACHE PATH "Gecko SDK path")
+  SET(WEBPLUGIN_SANDBOX_MODE "apparmor" CACHE STRING "WEB Plugin sandbox mode, can be apparmor, privsep, none")
+
+  SET(WITH_PLAYER ON)
+ENDIF(WITH_WEBPLUGIN)
+
+
 #-----------------------------------------------------------------------------
 # Configure OpenGL.
 INCLUDE(${CMAKE_ROOT}/Modules/FindOpenGL.cmake)
@@ -457,12 +468,6 @@ SUBDIRS(
 # Blender Application
 SUBDIRS(source/creator)
 
-#-----------------------------------------------------------------------------
-# Blender WebPlugin
-IF(WITH_WEBPLUGIN) 
-  SET(MOZILLA_DIR "${CMAKE_SOURCE_DIR}/../gecko-sdk/" CACHE PATH "Gecko SDK path")
-  SET(WITH_PLAYER ON)
-ENDIF(WITH_WEBPLUGIN)
 
 #-----------------------------------------------------------------------------
 # Blender Player