Bug 1308568 - Add missing filesystem calls to Allow in case broker is disabled. r?haik
MozReview-Commit-ID: 6AdKbBH0NMh
--- a/security/sandbox/linux/SandboxFilter.cpp
+++ b/security/sandbox/linux/SandboxFilter.cpp
@@ -590,16 +590,24 @@ public:
switch(sysno) {
case __NR_open:
case __NR_openat:
case __NR_access:
case __NR_faccessat:
CASES_FOR_stat:
CASES_FOR_lstat:
CASES_FOR_fstatat:
+ CASES_FOR_chmod:
+ case __NR_link:
+ case __NR_mkdir:
+ case __NR_symlink:
+ case __NR_rename:
+ case __NR_rmdir:
+ case __NR_unlink:
+ case __NR_readlink:
return Allow();
}
}
switch (sysno) {
#ifdef DESKTOP
case __NR_getppid:
return Trap(GetPPidTrap, nullptr);