We have a bunch of macros for dealing with arch-dependent system calls in the seccomp sandbox whitelist; we should use them so that the --enable-content-sandbox build isn't broken on anything that isn't x86_64. There's no guarantee that the resulting policy will actually work (i.e., that a non-compromised content process won't violate it), but at the very least it would be less unwelcoming to anyone trying to improve it than it is now.
I forgot that I'd already filed this when I filed bug 1038486. Marking this one as the “duplicate” because the other one has a patch. Sorry for the bugspam.
Status: NEW → RESOLVED
Last Resolved: 5 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1038486
You need to log in before you can comment on or make changes to this bug.