Bug 1404919 - Whitelist Extensis Suitcase Fusion fontvaults. r=Alex_Gaynor draft
authorHaik Aftandilian <haftandilian@mozilla.com>
Thu, 12 Oct 2017 18:29:42 -0700
changeset 683064 e91dcb67467a82730099379face9e06a866cf929
parent 682729 15efe1c2f45971041acc727a6935d497f2a696fd
child 736514 d55e5fa905601cd09f92e6972424de305add37ad
push id85235
push userhaftandilian@mozilla.com
push dateThu, 19 Oct 2017 06:08:40 +0000
reviewersAlex_Gaynor
bugs1404919
milestone58.0a1
Bug 1404919 - Whitelist Extensis Suitcase Fusion fontvaults. r=Alex_Gaynor MozReview-Commit-ID: 5UaqiHBKd90
security/sandbox/mac/SandboxPolicies.h
--- a/security/sandbox/mac/SandboxPolicies.h
+++ b/security/sandbox/mac/SandboxPolicies.h
@@ -340,13 +340,17 @@ static const char contentSandboxRules[] 
   ; font extension. Limit this to the common font types:
   ; files ending in .otf, .ttf, .ttc, .otc, and .dfont.
   (allow file-read*
     (regex #"\.[oO][tT][fF]$"           ; otf
            #"\.[tT][tT][fF]$"           ; ttf
            #"\.[tT][tT][cC]$"           ; ttc
            #"\.[oO][tT][cC]$"           ; otc
            #"\.[dD][fF][oO][nN][tT]$")) ; dfont
+
+  ; bug 1404919
+  ; Read access (recursively) within directories ending in .fontvault
+  (allow file-read* (regex #"\.fontvault/"))
 )";
 
 }
 
 #endif // mozilla_SandboxPolicies_h