Don't do the security scope bookmark dance if not in a sandboxed process

No point in doing it in build-time tools like cppumaker which don't
run as sandboxed processes. Just slows them down a lot, while cfprefsd
consumes lots of CPU doing user preference lookups in vain for every
file accessed through the uunxapi functions.

Change-Id: I83e55a8e8d0c4f2c60c60ecad2c831e42c9e5bfd

2 files changed, 36 insertions, 4 deletions

diff --git a/sal/Library_sal.mk b/sal/Library_sal.mk
index 16c4876eb642..77d4176ed111 100644
--- a/sal/Library_sal.mk
+++ b/sal/Library_sal.mk
@@ -81,6 +81,7 @@ $(eval $(call gb_Library_use_system_darwin_frameworks,sal,\
 	Carbon \
 	CoreFoundation \
 	Foundation \
+	$(if $(ENABLE_MACOSX_SANDBOX),Security) \
 ))
 endif
 
diff --git a/sal/osl/unx/uunxapi.cxx b/sal/osl/unx/uunxapi.cxx
index 6fb75a1d68e1..8690c4df7877 100644
--- a/sal/osl/unx/uunxapi.cxx
+++ b/sal/osl/unx/uunxapi.cxx
@@ -37,11 +37,36 @@ inline rtl::OString OUStringToOString(const rtl_uString* s)
 
 #if defined(MACOSX) && MAC_OS_X_VERSION_MIN_REQUIRED >= 1070 && HAVE_FEATURE_MACOSX_SANDBOX
 
+#include <Foundation/Foundation.h>
+#include <Security/Security.h>
+#include <mach-o/dyld.h>
+
 static NSUserDefaults *userDefaults = NULL;
+static bool isSandboxed = false;
 
-static void get_user_defaults()
+static void do_once()
 {
-    userDefaults = [NSUserDefaults standardUserDefaults];
+    SecCodeRef code;
+    OSStatus rc = SecCodeCopySelf(kSecCSDefaultFlags, &code);
+
+    SecStaticCodeRef staticCode;
+    if (rc == errSecSuccess)
+        rc = SecCodeCopyStaticCode(code, kSecCSDefaultFlags, &staticCode);
+
+    CFDictionaryRef signingInformation;
+    if (rc == errSecSuccess)
+        rc = SecCodeCopySigningInformation(staticCode, kSecCSRequirementInformation, &signingInformation);
+
+    CFDictionaryRef entitlements = NULL;
+    if (rc == errSecSuccess)
+        entitlements = (CFDictionaryRef) CFDictionaryGetValue(signingInformation, kSecCodeInfoEntitlementsDict);
+
+    if (entitlements != NULL)
+        if (CFDictionaryGetValue(entitlements, CFSTR("com.apple.security.app-sandbox")) != NULL)
+            isSandboxed = true;
+
+    if (isSandboxed)
+        userDefaults = [NSUserDefaults standardUserDefaults];
 }
 
 typedef struct {
@@ -53,12 +78,15 @@ static accessFilePathState *
 prepare_to_access_file_path( const char *cpFilePath )
 {
     static pthread_once_t once = PTHREAD_ONCE_INIT;
-    pthread_once(&once, &get_user_defaults);
+    pthread_once(&once, &do_once);
     NSURL *fileURL = nil;
     NSData *data = nil;
     BOOL stale;
     accessFilePathState *state;
 
+    if (!isSandboxed)
+        return NULL;
+
     // If malloc() fails we are screwed anyway
     state = (accessFilePathState*) malloc(sizeof(accessFilePathState));
 
@@ -86,6 +114,9 @@ prepare_to_access_file_path( const char *cpFilePath )
 static void
 done_accessing_file_path( const char * /*cpFilePath*/, accessFilePathState *state )
 {
+    if (!isSandboxed)
+        return;
+
     int saved_errno = errno;
 
     if (state->scopeURL != nil)
@@ -259,7 +290,7 @@ int open_c(const char *cpPath, int oflag, int mode)
     int result = open(cpPath, oflag, mode);
 
 #if defined(MACOSX) && MAC_OS_X_VERSION_MIN_REQUIRED >= 1070 && HAVE_FEATURE_MACOSX_SANDBOX
-    if (result != -1 && (oflag & O_CREAT) && (oflag & O_EXCL))
+    if (isSandboxed && result != -1 && (oflag & O_CREAT) && (oflag & O_EXCL))
     {
         // A new file was created. Check if it is outside the sandbox.
         // (In that case it must be one the user selected as export or