Bug 1556846 - [10.15] Crash in [@ mozilla::plugins::PluginUtilsOSX::SetProcessName] r=spohl

Allow limited access to the proc_pidinfo() syscall from the Mac utility process sandbox. Differential Revision: https://phabricator.services.mozilla.com/D37533 --HG-- extra : moz-landing-system : lando
2024-10-20 16:55:40 +00:00 · 2019-07-10 15:00:05 +00:00 · 2019-07-10 15:00:05 +00:00 · 7105b782dc
commit 7105b782dc
parent e6312ffdc5
1 changed files with 1 additions and 0 deletions
--- a/security/sandbox/mac/SandboxPolicyUtility.h
+++ b/security/sandbox/mac/SandboxPolicyUtility.h
@ -23,6 +23,7 @@ static const char SandboxPolicyUtility[] = R"SANDBOX_LITERAL(
  (moz-deny default)
  ; These are not included in (deny default)
  (moz-deny process-info*)
+  (allow process-info-pidinfo (target self))
  ; This isn't available in some older macOS releases.
  (if (defined? 'nvram*)
    (moz-deny nvram*))