| author | Alex Gaynor <agaynor@mozilla.com> |
| Wed, 05 Jul 2017 13:03:01 -0400 | |
| changeset 367418 | 3b94664811ab471a34b4903a810e2f6e5773e190 |
| parent 367417 | 789ccac5e77dea00f2ff0f517f4795354164639b |
| child 367419 | d1ed3af55efbd5dc0505f0daeb0fca27410125cc |
| push id | 45973 |
| push user | ryanvm@gmail.com |
| push date | Wed, 05 Jul 2017 18:09:51 +0000 |
| treeherder | autoland@3b94664811ab [default view] [failures only] |
| perfherder | [talos] [build metrics] [platform microbench] (compared to previous push) |
| reviewers | haik |
| bugs | 1378434 |
| milestone | 56.0a1 |
| first release with | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
| last release without | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
--- a/browser/app/profile/firefox.js +++ b/browser/app/profile/firefox.js @@ -1062,17 +1062,19 @@ pref("security.sandbox.gpu.level", 0); // This pref is discussed in bug 1083344, the naming is inspired from its // Windows counterpart, but on Mac it's an integer which means: // 0 -> "no sandbox" (nightly only) // 1 -> "preliminary content sandboxing enabled: write access to // home directory is prevented" // 2 -> "preliminary content sandboxing enabled with profile protection: // write access to home directory is prevented, read and write access // to ~/Library and profile directories are prevented (excluding -// $PROFILE/{extensions,weave})" +// $PROFILE/{extensions,chrome})" +// 3 -> "no global read/write access, read access permitted to +// $PROFILE/{extensions,chrome}" // This setting is read when the content process is started. On Mac the content // process is killed when all windows are closed, so a change will take effect // when the 1st window is opened. #if defined(NIGHTLY_BUILD) pref("security.sandbox.content.level", 2); #else pref("security.sandbox.content.level", 1); #endif