Mercurial > mozreview > gecko / changeset / 9fe2c76888799e003d8161996e0e4c3b4779167b
summary | shortlog | changelog | pushlog | graph | tags | bookmarks | branches | files | changeset | raw | zip | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bug 1416016 - Add ../config to the sandbox whitelist for older Mesa. r?jld draft
authorGian-Carlo Pascutto <gcp@mozilla.com>
Fri, 17 Nov 2017 15:23:28 +0100
changeset 699704 9fe2c76888799e003d8161996e0e4c3b4779167b
parent 699703 8d8cfa078d8601abcb66e1edb786e971f929ad89
child 740687 da72db6806596697eb9767951fb09add05ccf944
push id89635
push usergpascutto@mozilla.com
push dateFri, 17 Nov 2017 14:24:00 +0000
reviewersjld
bugs1416016
milestone59.0a1
Bug 1416016 - Add ../config to the sandbox whitelist for older Mesa. r?jld MozReview-Commit-ID: KahivmVJR1l
security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp file | annotate | diff | comparison | revisions 
--- a/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
+++ b/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
@@ -77,17 +77,19 @@ AddMesaSysfsPaths(SandboxBroker::Policy*
                                     suffix);
             // libudev will expand the symlink but not do full
             // canonicalization, so it will leave in ".." path
             // components that will be realpath()ed in the
             // broker.  To match this, allow the canonical paths.
             UniqueFreePtr<char[]> realSysPath(realpath(sysPath.get(), nullptr));
             if (realSysPath) {
               nsPrintfCString ueventPath("%s/uevent", realSysPath.get());
+              nsPrintfCString configPath("%s/config", realSysPath.get());
               aPolicy->AddPath(rdonly, ueventPath.get());
+              aPolicy->AddPath(rdonly, configPath.get());
             }
           }
         }
       }
     }
     closedir(dir);
   }
 }
gecko
Deployed from 4e825768105f at 2024-04-08T16:23:58Z.