Bug 1388046 - Disable sandbox read restrictions (level 3) on beta/release. r?jld
MozReview-Commit-ID: 3VQM545aqpL
--- a/browser/app/profile/firefox.js
+++ b/browser/app/profile/firefox.js
@@ -1091,17 +1091,21 @@ pref("security.sandbox.content.level", 3
// to whitelist more system calls.
//
// So the purpose of this setting is to allow nightly users to disable the
// sandbox while we fix their problems. This way, they won't have to wait for
// another nightly release which disables seccomp-bpf again.
//
// This setting may not be required anymore once we decide to permanently
// enable the content sandbox.
+#ifdef NIGHTLY_BUILD
pref("security.sandbox.content.level", 3);
+#else
+pref("security.sandbox.content.level", 2);
+#endif
pref("security.sandbox.content.write_path_whitelist", "");
pref("security.sandbox.content.read_path_whitelist", "");
pref("security.sandbox.content.syscall_whitelist", "");
#endif
#if defined(XP_MACOSX) || defined(XP_WIN)
#if defined(MOZ_SANDBOX) && defined(MOZ_CONTENT_SANDBOX)
// ID (a UUID when set by gecko) that is used to form the name of a