Bug 1378434 - Fixed comments in firefox.js about macOS content sandboxing; r?haik draft
authorAlex Gaynor <agaynor@mozilla.com>
Wed, 05 Jul 2017 13:03:01 -0400
changeset 604237 1189fa50e4e9fa974cf22b97f440f4ee2d5ea654
parent 604236 97a8f71407cc40b39d86d71a6907a5505d3eb867
child 636142 a1df75f2a0d6ecce01ed7043c6f01d588c0747ba
push id67018
push userbmo:agaynor@mozilla.com
push dateWed, 05 Jul 2017 17:03:13 +0000
reviewershaik
bugs1378434
milestone56.0a1
Bug 1378434 - Fixed comments in firefox.js about macOS content sandboxing; r?haik MozReview-Commit-ID: 21E7GrreHKu
browser/app/profile/firefox.js
--- a/browser/app/profile/firefox.js
+++ b/browser/app/profile/firefox.js
@@ -1062,17 +1062,19 @@ pref("security.sandbox.gpu.level", 0);
 // This pref is discussed in bug 1083344, the naming is inspired from its
 // Windows counterpart, but on Mac it's an integer which means:
 // 0 -> "no sandbox" (nightly only)
 // 1 -> "preliminary content sandboxing enabled: write access to
 //       home directory is prevented"
 // 2 -> "preliminary content sandboxing enabled with profile protection:
 //       write access to home directory is prevented, read and write access
 //       to ~/Library and profile directories are prevented (excluding
-//       $PROFILE/{extensions,weave})"
+//       $PROFILE/{extensions,chrome})"
+// 3 -> "no global read/write access, read access permitted to
+//       $PROFILE/{extensions,chrome}"
 // This setting is read when the content process is started. On Mac the content
 // process is killed when all windows are closed, so a change will take effect
 // when the 1st window is opened.
 #if defined(NIGHTLY_BUILD)
 pref("security.sandbox.content.level", 2);
 #else
 pref("security.sandbox.content.level", 1);
 #endif