Bug 1469657 - Whitelist Extensis UTC fonts on 10.11 and Earlier r=Alex_Gaynor
authorHaik Aftandilian <haftandilian@mozilla.com>
Tue, 19 Jun 2018 11:39:41 -0700
changeset 423557 05c7d22cb63ad760477108a95f3cc26c31ca2236
parent 423556 2ee2f01d8ca60f8179294478a5daea617eae9b66
child 423558 9dcaad7a978fd0610d6116a95413ad2f7059d0ff
push id34188
push userebalazs@mozilla.com
push dateTue, 26 Jun 2018 09:20:39 +0000
treeherdermozilla-central@ca98b6f47b4e [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersAlex_Gaynor
bugs1469657
milestone63.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1469657 - Whitelist Extensis UTC fonts on 10.11 and Earlier r=Alex_Gaynor Add whitelist rules to allow access to Extensis Universal Type Manager fonts on 10.11 and earlier OS versions. MozReview-Commit-ID: 3cPKlC1xCUW
security/sandbox/mac/SandboxPolicies.h
--- a/security/sandbox/mac/SandboxPolicies.h
+++ b/security/sandbox/mac/SandboxPolicies.h
@@ -361,16 +361,18 @@ static const char contentSandboxRules[] 
       (regex #"\.[oO][tT][fF]$"          ; otf
              #"\.[tT][tT][fF]$"          ; ttf
              #"\.[tT][tT][cC]$"          ; ttc
              #"\.[oO][tT][cC]$"          ; otc
              #"\.[dD][fF][oO][nN][tT]$") ; dfont
       (home-subpath "/Library/FontCollections")
       (home-subpath "/Library/Application Support/Adobe/CoreSync/plugins/livetype")
       (home-subpath "/Library/Application Support/FontAgent")
+      (home-subpath "/Library/Extensis/UTC") ; bug 1469657
+      (subpath "/Library/Extensis/UTC")      ; bug 1469657
       (regex #"\.fontvault/")
       (home-subpath "/FontExplorer X/Font Library")))
 )SANDBOX_LITERAL";
 
 // These are additional rules that are added to the content process rules for
 // file content processes.
 static const char fileContentProcessAddend[] = R"SANDBOX_LITERAL(
   ; This process has blanket file read privileges
@@ -671,16 +673,18 @@ static const char flashPluginSandboxRule
       (regex #"\.[oO][tT][fF]$"          ; otf
              #"\.[tT][tT][fF]$"          ; ttf
              #"\.[tT][tT][cC]$"          ; ttc
              #"\.[oO][tT][cC]$"          ; otc
              #"\.[dD][fF][oO][nN][tT]$") ; dfont
       (home-subpath "/Library/FontCollections")
       (home-subpath "/Library/Application Support/Adobe/CoreSync/plugins/livetype")
       (home-subpath "/Library/Application Support/FontAgent")
+      (home-subpath "/Library/Extensis/UTC") ; bug 1469657
+      (subpath "/Library/Extensis/UTC")      ; bug 1469657
       (regex #"\.fontvault/")
       (home-subpath "/FontExplorer X/Font Library")))
 
   (if (string=? sandbox-level-1 "TRUE") (begin
     ; Open file dialogs
     (allow mach-lookup
 	; needed for the dialog sidebar
 	(global-name "com.apple.coreservices.sharedfilelistd.xpc")