mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-28 12:45:27 +00:00
f514ff97b3
On macOS, the file-write* permission type contains numerous sub-permissions (see bug for full listing). Restrict the ones we allow to only the two we need: file-write-create and file-write-data. This primarily reduces kernel attack surface, I'm not aware of any bad things that could be done directly with the removed permissions. MozReview-Commit-ID: 3VvjFesy2qx --HG-- extra : rebase_source : 934ec17c44c9ef3d7fab29919d66cf1a55d57697 |
||
---|---|---|
.. | ||
apps | ||
certverifier | ||
manager | ||
nss | ||
pkix | ||
sandbox | ||
.eslintrc.js | ||
generate_certdata.py | ||
generate_mapfile.py | ||
moz.build | ||
nss.symbols |