202
edits
Sandbox/OS X Rule Set: Difference between revisions
Jump to navigation
Jump to search
Annotated Rules
Haftandilian (talk | contribs) (Annotated Rules) |
Haftandilian (talk | contribs) (Annotated Rules) |
||
| Line 326: | Line 326: | ||
" (allow-shared-list \"org.mozilla.plugincontainer\")\n" | " (allow-shared-list \"org.mozilla.plugincontainer\")\n" | ||
"\n" | "\n" | ||
</pre> | |||
|| TODO | |||
|- | |||
| <pre style="border:none;"> | |||
"; the following 2 rules should be removed when microphone and camera access\n" | "; the following 2 rules should be removed when microphone and camera access\n" | ||
"; are brokered through the content process\n" | "; are brokered through the content process\n" | ||
" (allow device-microphone)\n" | " (allow device-microphone)\n" | ||
" (allow device-camera)\n" | " (allow device-camera)\n" | ||
</pre> | |||
|| Camera and mic access. | |||
|- | |||
| "\n" | |||
" (allow file* (var-folders2-regex \"/com\\.apple\\.IntlDataCache\\.le$\"))\n" | " (allow file* (var-folders2-regex \"/com\\.apple\\.IntlDataCache\\.le$\"))\n" | ||
" (allow file-read*\n" | " (allow file-read*\n" | ||
| Line 343: | Line 350: | ||
" (home-regex \"/Library/Application Support/Firefox/Profiles/[^/]+/weave/\"))\n" | " (home-regex \"/Library/Application Support/Firefox/Profiles/[^/]+/weave/\"))\n" | ||
"\n" | "\n" | ||
<pre> | |||
|| TBD. | |||
|- | |||
"; the following rules should be removed when printing and \n" | "; the following rules should be removed when printing and \n" | ||
"; opening a file from disk are brokered through the main process\n" | "; opening a file from disk are brokered through the main process\n" | ||
| Line 357: | Line 367: | ||
"\n" | "\n" | ||
</pre> | </pre> | ||
|| | || File read and write access for $HOME sans ~/Library. We need write access for printing. We need read access to allow user to read files from $HOME. i.e., file:// resources. | ||
|- | |- | ||
| <pre style="border:none;"> | | <pre style="border:none;"> | ||