202
edits
Changes
Updated OS X violation logging details
=== OSX Specific ===
On Mac, sandbox violation logging is disabled by default. To enable logging,
# Launch the OS X Console app (/Applications/Utilities/Console.app) and filter on "plugin-container".
# Either set the pref '''security.sandbox.logging.enabled=true ''' and restart the browser OR launch the browser with the '''MOZ_SANDBOX_LOGGING ''' environment variable set.
* If Console.app is not already running at the time of the sandbox violation, the violation is not reliably logged.
* As of build 56, where filesystem read access restrictions were tightened, running Firefox always triggers sandbox violations and these will be logged. For example, plugin-container attempts to access /Applications and /Users (bug 1378968). We want to address these when possible, but some violations are complicated to avoid or are triggered by OS X library code that can't be avoided yet.
=== Linux specific ===
