Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-24 21:31:04 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1421262 - [Mac] Add access to hw.cachelinesize sysctl, /Library/GPUBundles to content sandbox rules. r=Alex_Gaynor

Browse Source 
MozReview-Commit-ID: LBWA8XD64h

--HG--
extra : rebase_source : dac2ea615fdcbbd4d029bbbb28e3d935a4416deb
This commit is contained in:
Haik Aftandilian 2017-12-21 14:15:29 -08:00
parent e6dbbae0aa
commit f6cdb35b8f
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
security/sandbox/mac/SandboxPolicies.h
View File

@ -70,7 +70,9 @@ static const char contentSandboxRules[] = R"(
; Allow read access to standard system paths.
(allow file-read*
(require-all (file-mode #o0004)
(require-any (subpath "/Library/Filesystems/NetFSPlugins")
(require-any
(subpath "/Library/Filesystems/NetFSPlugins")
(subpath "/Library/GPUBundles")
(subpath "/System")
(subpath "/usr/lib")
(subpath "/usr/share"))))
@ -127,6 +129,7 @@ static const char contentSandboxRules[] = R"(
(sysctl-name "hw.cpufrequency_max")
(sysctl-name "hw.l2cachesize")
(sysctl-name "hw.l3cachesize")
(sysctl-name "hw.cachelinesize")
(sysctl-name "hw.cachelinesize_compat")
(sysctl-name "hw.tbfrequency_compat")
(sysctl-name "hw.vectorunit")