Bug 1308568 - Add missing filesystem calls to Allow in case broker is disabled. r=haik
☠☠ backed out by d3f56ee6993a ☠ ☠
authorGian-Carlo Pascutto <gcp@mozilla.com>
Fri, 07 Oct 2016 20:58:11 +0200
changeset 317082 9887bfe1f8fa7a7ae5ce58a68acb5a1f6c3dccd0
parent 317081 d818379dc51cc2995043b8da51085a1c87d348d7
child 317083 d3f56ee6993a1ec8e4529a583a93342b2cdf9c47
push id20681
push userphilringnalda@gmail.com
push dateSat, 08 Oct 2016 23:57:20 +0000
treeherderfx-team@7a7ba250bb2f [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewershaik
bugs1308568
milestone52.0a1
Bug 1308568 - Add missing filesystem calls to Allow in case broker is disabled. r=haik MozReview-Commit-ID: 6AdKbBH0NMh
security/sandbox/linux/SandboxFilter.cpp
--- a/security/sandbox/linux/SandboxFilter.cpp
+++ b/security/sandbox/linux/SandboxFilter.cpp
@@ -590,16 +590,24 @@ public:
       switch(sysno) {
       case __NR_open:
       case __NR_openat:
       case __NR_access:
       case __NR_faccessat:
       CASES_FOR_stat:
       CASES_FOR_lstat:
       CASES_FOR_fstatat:
+      CASES_FOR_chmod:
+      case __NR_link:
+      case __NR_mkdir:
+      case __NR_symlink:
+      case __NR_rename:
+      case __NR_rmdir:
+      case __NR_unlink:
+      case __NR_readlink:
         return Allow();
       }
     }
 
     switch (sysno) {
 #ifdef DESKTOP
     case __NR_getppid:
       return Trap(GetPPidTrap, nullptr);