From 2e4ea0b3cdf9ffe1b82241a3c2c19642a62053b5 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Mon, 24 Jul 2017 09:50:32 -0400 Subject: [PATCH] Bug 1383818 - Disallow content processes for using the com.apple.ocspd mach service; r=haik It is not used, so this is an attack surface reduction. MozReview-Commit-ID: mrW9hi0SAh --HG-- extra : rebase_source : 889b937cfd20680bbb62391fa7932b5cd2e1fd6a --- security/sandbox/mac/SandboxPolicies.h | 1 - 1 file changed, 1 deletion(-) diff --git a/security/sandbox/mac/SandboxPolicies.h b/security/sandbox/mac/SandboxPolicies.h index 433c11a678ba..d9ba25b14c76 100644 --- a/security/sandbox/mac/SandboxPolicies.h +++ b/security/sandbox/mac/SandboxPolicies.h @@ -201,7 +201,6 @@ static const char contentSandboxRules[] = R"( (global-name "com.apple.cache_delete") (global-name "com.apple.pluginkit.pkd") (global-name "com.apple.bird") - (global-name "com.apple.ocspd") (global-name "com.apple.cmio.AppleCameraAssistant") (global-name "com.apple.DesktopServicesHelper"))