Closed Bug 1359573 Opened 3 years ago Closed 3 years ago
[meta] [mac] review mach-lookup permissions for what can be removed
https://dxr.mozilla.org/mozilla-central/source/security/sandbox/mac/SandboxPolicies.h#160-178 We currently allow many mach-lookups, which were mostly inherited from |/System/Library/Sandbox/Profiles/system.sb|. We should review this and figure out what can be removed, and what the blockers for removing other items are.
Summary: [mac] review mach-lookup permissions for what can be removed → [meta] [mac] review mach-lookup permissions for what can be removed
Declaring this to be resolved. At this point we have investigated all of the mach-lookup permissions allowed in the content sandbox, removed the ones which we could, and know what the blockers are for the others!
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.