From d407d2ad1326b51c3caa743fce117c9d4bc79a53 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Mon, 7 Aug 2017 10:11:37 -0400 Subject: [PATCH] Bug 1387570 - remove access to the com.apple.cache_delete mach service from content processes; r=haik MozReview-Commit-ID: LoB1rx5DoV5 --HG-- extra : rebase_source : 7721399376e8ae7e6f41581681b61e92e20f2b21 --- security/sandbox/mac/SandboxPolicies.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/security/sandbox/mac/SandboxPolicies.h b/security/sandbox/mac/SandboxPolicies.h index 0d77d8767e27..ec2c7072bee9 100644 --- a/security/sandbox/mac/SandboxPolicies.h +++ b/security/sandbox/mac/SandboxPolicies.h @@ -189,8 +189,7 @@ static const char contentSandboxRules[] = R"( (global-name "com.apple.audio.coreaudiod") (global-name "com.apple.audio.audiohald") (global-name "com.apple.SystemConfiguration.configd") - (global-name "com.apple.iconservices") - (global-name "com.apple.cache_delete")) + (global-name "com.apple.iconservices")) ; bug 1376163 (if (>= macosMinorVersion 13)