nagai/fune
3
0
Fork 0
forked from mirrors/gecko-dev
Code Pull requests Activity

Bug 1867898 - Use more clone() flags for Utility r=gcp

Browse source 
Differential Revision: https://phabricator.services.mozilla.com/D195847
This commit is contained in:
Alexandre Lissy 2024-05-29 06:28:55 +00:00
parent 84c3f34421
commit 28c259722c
1 changed files with 7 additions and 0 deletions
repo.diff.show_diff_stats Download patch file Download diff file Expand all files Collapse all files

7
security/sandbox/linux/launch/SandboxLaunch.cpp
View file

@ -319,6 +319,13 @@ void SandboxLaunch::Configure(GeckoProcessType aType, SandboxingKind aKind,
flags |= CLONE_NEWNET;
}
break;
case GeckoProcessType_Utility:
if (level >= 1) {
canChroot = true;
flags |= CLONE_NEWIPC;
flags |= CLONE_NEWNET;
}
break;
case GeckoProcessType_Content:
if (level >= 4) {
canChroot = true;