mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-19 00:05:36 +00:00
0940e5ba82
This adds the boolean pref security.sandbox.content.headless (on Linux only) which does two things: 1. Sets the MOZ_HEADLESS env var for content processes, so that they don't initialize GTK and don't connect to the X server. 2. Disallows brokered access to parts of the filesystem used only for graphics -- most critically connecting to the X11 socket itself, but also opening GPU device nodes and the parts of sysfs used by Mesa, for example. This is experimental; use at your own risk. Setting this pref will break native widgets, so it's also necessary to set widget.disable-native-theme-for-content Additionally, it breaks Flash and WebGL; see bug 1638466 for the latter. Differential Revision: https://phabricator.services.mozilla.com/D81425 |
||
|---|---|---|
| .. | ||
| apps | ||
| certverifier | ||
| ct | ||
| mac/hardenedruntime | ||
| manager | ||
| nss | ||
| sandbox | ||
| .eslintrc.js | ||
| generate_certdata.py | ||
| generate_mapfile.py | ||
| moz.build | ||
| nss.symbols | ||