Bug 1324610 - Some printing permissions still needed by content processes; r?gcp
MozReview-Commit-ID: B7nPgf5Xc9x
--- a/security/sandbox/mac/Sandbox.mm
+++ b/security/sandbox/mac/Sandbox.mm
@@ -391,16 +391,19 @@ static const char contentSandboxRules[]
" (allow file-read*\n"
" (home-subpath \"/Library/Caches/TemporaryItems\"))\n"
"\n"
"; bug 1237847\n"
" (allow file-read*\n"
" (subpath appTempDir))\n"
" (allow file-write*\n"
" (subpath appTempDir))\n"
+ "\n"
+ "; bug 1324610\n"
+ " (allow network-outbound (literal \"/private/var/run/cupsd\"))\n"
#ifdef DEBUG
"\n"
"; bug 1303987\n"
" (allow file-write* (var-folders-regex \"/\"))\n"
#endif
")\n";
bool StartMacSandbox(MacSandboxInfo aInfo, std::string &aErrorMessage)