Mercurial > mozreview > gecko / changeset / 52dec4a29b3b8853b371971dccf2f2bb65130f71
summary | shortlog | changelog | pushlog | graph | tags | bookmarks | branches | files | changeset | raw | zip | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bug 1388360 - remove access to the com.apple.iconservices mach service from content processes; r?haik draft
authorAlex Gaynor <agaynor@mozilla.com>
Tue, 08 Aug 2017 10:15:16 -0400
changeset 644247 52dec4a29b3b8853b371971dccf2f2bb65130f71
parent 644169 5322c03f4c8587fe526172d3f87160031faa6d75
child 725544 5266a5db4b4e2a46f54a8cbfb832ecd1efda93a2
push id73364
push userbmo:agaynor@mozilla.com
push dateThu, 10 Aug 2017 18:06:44 +0000
reviewershaik
bugs1388360
milestone57.0a1
Bug 1388360 - remove access to the com.apple.iconservices mach service from content processes; r?haik MozReview-Commit-ID: D20alO2PKR0
security/sandbox/mac/SandboxPolicies.h file | annotate | diff | comparison | revisions 
--- a/security/sandbox/mac/SandboxPolicies.h
+++ b/security/sandbox/mac/SandboxPolicies.h
@@ -181,18 +181,17 @@ static const char contentSandboxRules[] 
     (ipc-posix-name-regex "^AudioIO"))
 
   (allow signal (target self))
 
   (allow mach-lookup
       (global-name "com.apple.coreservices.launchservicesd")
       (global-name "com.apple.pasteboard.1")
       (global-name "com.apple.audio.coreaudiod")
-      (global-name "com.apple.audio.audiohald")
-      (global-name "com.apple.iconservices"))
+      (global-name "com.apple.audio.audiohald"))
 
 ; bug 1376163
   (if (>= macosMinorVersion 13)
     (allow mach-lookup (global-name "com.apple.audio.AudioComponentRegistrar")))
 
 ; bug 1312273
   (if (= macosMinorVersion 9)
      (allow mach-lookup (global-name "com.apple.xpcd")))
gecko
Deployed from af051c2a8da7 at 2024-04-29T16:08:02Z.