зеркало из https://github.com/mozilla/gecko-dev.git
9de1898bc2
Passes the profile dir to the content process as a -profile CLI option so that the correct profile dir can be used in the OS X content sandbox rules. Only enabled on OS X for now. On Nightly, profile directories will now be read/write protected from the content process (apart from a few profile subdirectories) even when they don't reside in ~/Library. xpcshell tests invoke the content process without providing a profile directory. In that case, we don't need to add filesystem profile dir. read/write exclusion rules to the sandbox. This patch adds two new macros to the content sandbox rule set: |profileDir| holds the path to the profile or the emptry string; |hasProfileDir| is a boolean (1 or 0) that indicates whether or not the profile directory rules should be added. If |hasProfileDir| is 0, profile directory exclusion rules don't need to be added and |profileDir| is not used. MozReview-Commit-ID: rrTcQwTNdT --HG-- extra : rebase_source : 3d5b612c8eb3a1d0da028eba277cd9d6f0c9ac00 |
||
|---|---|---|
| .. | ||
| app | ||
| chromium | ||
| contentproc | ||
| dbus | ||
| glue | ||
| hal | ||
| ipdl | ||
| keystore | ||
| mscom | ||
| netd | ||
| nfc | ||
| ril | ||
| testshell | ||
| unixfd | ||
| unixsocket | ||
| moz.build | ||
| pull-chromium.py | ||