зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1272772 - Inline system.sb and remove unneeded rules (removes unused macros); r=gcp
This commit is contained in:
Haik Aftandilian
Родитель
3cb7c0e726
Коммит
5b9493970f
|
|
@ -241,68 +241,6 @@ static const char contentSandboxRules[] =
|
|||
";;; Allow mostly harmless operations.\n"
|
||||
"(allow sysctl-read)\n"
|
||||
"\n"
|
||||
";;; (system-graphics) - Allow access to graphics hardware.\n"
|
||||
"(define (system-graphics)\n"
|
||||
" ;; Preferences\n"
|
||||
" (allow user-preference-read\n"
|
||||
" (preference-domain \"com.apple.opengl\")\n"
|
||||
" (preference-domain \"com.nvidia.OpenGL\"))\n"
|
||||
" ;; OpenGL memory debugging\n"
|
||||
" (allow mach-lookup\n"
|
||||
" (global-name \"com.apple.gpumemd.source\"))\n"
|
||||
" ;; CVMS\n"
|
||||
" (allow mach-lookup\n"
|
||||
" (global-name \"com.apple.cvmsServ\"))\n"
|
||||
" ;; OpenCL\n"
|
||||
" (allow iokit-open\n"
|
||||
" (iokit-connection \"IOAccelerator\")\n"
|
||||
" (iokit-user-client-class \"IOAccelerationUserClient\")\n"
|
||||
" (iokit-user-client-class \"IOSurfaceRootUserClient\")\n"
|
||||
" (iokit-user-client-class \"IOSurfaceSendRight\"))\n"
|
||||
" ;; CoreVideo CVCGDisplayLink\n"
|
||||
" (allow iokit-open\n"
|
||||
" (iokit-user-client-class \"IOFramebufferSharedUserClient\"))\n"
|
||||
" ;; H.264 Acceleration\n"
|
||||
" (allow iokit-open\n"
|
||||
" (iokit-user-client-class \"AppleSNBFBUserClient\"))\n"
|
||||
" ;; QuartzCore\n"
|
||||
" (allow iokit-open\n"
|
||||
" (iokit-user-client-class \"AGPMClient\")\n"
|
||||
" (iokit-user-client-class \"AppleGraphicsControlClient\")\n"
|
||||
" (iokit-user-client-class \"AppleGraphicsPolicyClient\"))\n"
|
||||
" ;; OpenGL\n"
|
||||
" (allow iokit-open\n"
|
||||
" (iokit-user-client-class \"AppleMGPUPowerControlClient\"))\n"
|
||||
" ;; DisplayServices\n"
|
||||
" (allow iokit-set-properties\n"
|
||||
" (require-all (iokit-connection \"IODisplay\")\n"
|
||||
" (require-any (iokit-property \"brightness\")\n"
|
||||
" (iokit-property \"linear-brightness\")\n"
|
||||
" (iokit-property \"commit\")\n"
|
||||
" (iokit-property \"rgcs\")\n"
|
||||
" (iokit-property \"ggcs\")\n"
|
||||
" (iokit-property \"bgcs\")))))\n"
|
||||
"\n"
|
||||
";;; (system-network) - Allow access to the network.\n"
|
||||
"(define (system-network)\n"
|
||||
" (allow file-read*\n"
|
||||
" (literal \"/Library/Preferences/com.apple.networkd.plist\"))\n"
|
||||
" (allow mach-lookup\n"
|
||||
" (global-name \"com.apple.SystemConfiguration.PPPController\")\n"
|
||||
" (global-name \"com.apple.SystemConfiguration.SCNetworkReachability\")\n"
|
||||
" (global-name \"com.apple.nehelper\")\n"
|
||||
" (global-name \"com.apple.networkd\")\n"
|
||||
" (global-name \"com.apple.nsurlstorage-cache\")\n"
|
||||
" (global-name \"com.apple.symptomsd\")\n"
|
||||
" (global-name \"com.apple.usymptomsd\"))\n"
|
||||
" (allow network-outbound\n"
|
||||
" (control-name \"com.apple.netsrc\")\n"
|
||||
" (control-name \"com.apple.network.statistics\"))\n"
|
||||
" (allow system-socket\n"
|
||||
" (require-all (socket-domain AF_SYSTEM)\n"
|
||||
" (socket-protocol 2)) ; SYSPROTO_CONTROL\n"
|
||||
" (socket-domain AF_ROUTE)))\n"
|
||||
"\n"
|
||||
"; -------- END system.sb -------- \n"
|
||||
"\n"
|
||||
"(if \n"
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче