Mercurial > mozreview > gecko / changeset / 85259ada903bca1f85a5c48388019ce00e9f21da
summary | shortlog | changelog | pushlog | graph | tags | bookmarks | branches | files | changeset | raw | zip | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bug 1380674 - remove the ability to create directories in the content temp directory on macOS; r?haik draft
authorAlex Gaynor <agaynor@mozilla.com>
Tue, 03 Oct 2017 09:49:44 -0400
changeset 674241 85259ada903bca1f85a5c48388019ce00e9f21da
parent 674178 11fe0a2895aab26c57bcfe61b3041d7837e954cd
child 734273 a83fa40c5958500c8f2057cb25b7266189e59f0c
push id82774
push userbmo:agaynor@mozilla.com
push dateTue, 03 Oct 2017 15:03:40 +0000
reviewershaik
bugs1380674
milestone58.0a1
Bug 1380674 - remove the ability to create directories in the content temp directory on macOS; r?haik MozReview-Commit-ID: 8SDcDTqp2F5
security/sandbox/mac/SandboxPolicies.h file | annotate | diff | comparison | revisions 
--- a/security/sandbox/mac/SandboxPolicies.h
+++ b/security/sandbox/mac/SandboxPolicies.h
@@ -322,19 +322,17 @@ static const char contentSandboxRules[] 
       (iokit-user-client-class "Gen6DVDContext"))
 
   ; bug 1237847
   (allow file-read* file-write-data
     (subpath appTempDir))
   (allow file-write-create
     (require-all
       (subpath appTempDir)
-      (require-any
-        (vnode-type REGULAR-FILE)
-        (vnode-type DIRECTORY))))
+      (vnode-type REGULAR-FILE)))
 
   ; bug 1382260
   ; We may need to load fonts from outside of the standard
   ; font directories whitelisted above. This is typically caused
   ; by a font manager. For now, whitelist any file with a
   ; font extension. Limit this to the common font types:
   ; files ending in .otf, .ttf, .ttc, .otc, and .dfont.
   (allow file-read*
gecko
Deployed from 4e825768105f at 2024-04-08T16:23:59Z.