Closed Bug 1370540 Opened 3 years ago Closed 3 years ago

[mac] extend level 3 sandbox blacklist to include all of /Users and /Network

Categories

(Core :: Security: Process Sandboxing, enhancement)

Unspecified
macOS
enhancement
Not set
normal

Tracking

()

RESOLVED FIXED
mozilla55
Tracking Status
firefox55 --- fixed

People

(Reporter: Alex_Gaynor, Assigned: Alex_Gaynor)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

It's unlikely that the whitelist approach (bug 1357758) will be ready at the same time the rest of the level 3 work is ready to ship. To maximize the strength of the blacklist we should include all of |/Users| and |/Network|.
Comment on attachment 8874854 [details]
Bug 1370540 - Extend the level 3 content sandbox filesystem read blacklist to include /Network and /Users;

https://reviewboard.mozilla.org/r/146252/#review150256

Ship it! (Assuming this is clean on try with level=3).
Attachment #8874854 - Flags: review?(haftandilian) → review+
Keywords: checkin-needed
Pushed by ryanvm@gmail.com:
https://hg.mozilla.org/integration/autoland/rev/c6ab7e1a315b
Extend the level 3 content sandbox filesystem read blacklist to include /Network and /Users; r=haik
Keywords: checkin-needed
https://hg.mozilla.org/mozilla-central/rev/c6ab7e1a315b
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla55
You need to log in before you can comment on or make changes to this bug.