Bug 956961 - Stop disabling sandboxing when DMD is enabled. r=kang
☠☠ backed out by 466138f414d8 ☠ ☠
authorJed Davis <jld@mozilla.com>
Wed, 02 Jul 2014 11:28:48 -0700
changeset 192013 f1be89cb58b92f458c14f5fe5b3670d56cb6ea6e
parent 192012 272b01e4f856261c6c54e031402a34e6a785d74c
child 192014 d6e4fac2b9a1960cfd46b33c91ef476ac43962db
push id1
push userroot
push dateMon, 20 Oct 2014 17:29:22 +0000
reviewerskang
bugs956961
milestone33.0a1
Bug 956961 - Stop disabling sandboxing when DMD is enabled. r=kang
security/sandbox/linux/Sandbox.cpp
--- a/security/sandbox/linux/Sandbox.cpp
+++ b/security/sandbox/linux/Sandbox.cpp
@@ -206,25 +206,16 @@ InstallSyscallReporter(void)
  * whitelist).
  *
  * @return 0 on success, 1 on failure.
  * @see sock_fprog (the seccomp_prog).
  */
 static int
 InstallSyscallFilter(const sock_fprog *prog)
 {
-#ifdef MOZ_DMD
-  char* e = PR_GetEnv("DMD");
-  if (e && strcmp(e, "") != 0 && strcmp(e, "0") != 0) {
-    LOG_ERROR("SANDBOX DISABLED FOR DMD!  See bug 956961.");
-    // Must treat this as "failure" in order to prevent infinite loop;
-    // cf. the PR_GET_SECCOMP check below.
-    return 1;
-  }
-#endif
   if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) {
     return 1;
   }
 
   if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, (unsigned long)prog, 0, 0)) {
     return 1;
   }
   return 0;