Mercurial > mozreview > gecko / changeset / 50a8643a8128a0a98d2399fbaf6ab2a90376277b
summary | shortlog | changelog | pushlog | graph | tags | bookmarks | branches | files | changeset | raw | zip | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bug 1388454 - remove access to the com.apple.pasteboard.1 mach service from content processes; r?haik draft
authorAlex Gaynor <agaynor@mozilla.com>
Tue, 08 Aug 2017 13:51:48 -0400 (2017-08-08)
changeset 643296 50a8643a8128a0a98d2399fbaf6ab2a90376277b
parent 643173 4c5fbf49376351679dcc49f4cff26c3c2e055ccc
child 725262 626d0864c28fcda73f2a20a126e3e1f86c197dc4
push id73052
push userbmo:agaynor@mozilla.com
push dateWed, 09 Aug 2017 15:18:04 +0000 (2017-08-09)
reviewershaik
bugs1388454
milestone57.0a1
Bug 1388454 - remove access to the com.apple.pasteboard.1 mach service from content processes; r?haik MozReview-Commit-ID: EXb6UDYohZT
security/sandbox/mac/SandboxPolicies.h file | annotate | diff | comparison | revisions 
--- a/security/sandbox/mac/SandboxPolicies.h
+++ b/security/sandbox/mac/SandboxPolicies.h
@@ -179,17 +179,16 @@ static const char contentSandboxRules[] 
     (ipc-posix-name-regex "^CFPBS:"))
   (allow ipc-posix-shm-read* ipc-posix-shm-write-data
     (ipc-posix-name-regex "^AudioIO"))
 
   (allow signal (target self))
 
   (allow mach-lookup
       (global-name "com.apple.coreservices.launchservicesd")
-      (global-name "com.apple.pasteboard.1")
       (global-name "com.apple.audio.coreaudiod")
       (global-name "com.apple.audio.audiohald")
       (global-name "com.apple.SystemConfiguration.configd")
       (global-name "com.apple.iconservices"))
 
 ; bug 1376163
   (if (>= macosMinorVersion 13)
     (allow mach-lookup (global-name "com.apple.audio.AudioComponentRegistrar")))
gecko
Deployed from ae4bf6620a9a at 2025-07-31T11:56:03Z.