MozillaWiki

Security/Sandbox: Difference between revisions

Page Discussion

Security/Sandbox (view source)

Revision as of 17:47, 6 February 2024

664 bytes removed ,  6 February 2024
Remove Flash information and outdated Console.app details.
(Removing link to Mac ruleset wiki page because it is outdated and not maintained.)
(Remove Flash information and outdated Console.app details.)
Line 371: Line 371:


# Launch the OS X Console app (/Applications/Utilities/Console.app) and filter on "plugin-container".
# Launch the OS X Console app (/Applications/Utilities/Console.app) and filter on "plugin-container".
# Either set the pref '''security.sandbox.logging.enabled=true''' and restart the browser OR launch the browser with the '''MOZ_SANDBOX_LOGGING''' environment variable set. Just setting the environment variable '''MOZ_SANDBOX_MAC_FLASH_LOGGING''' enables logging only for the OS X NPAPI Flash Plugin sandbox when it is enabled.
# Either set the pref '''security.sandbox.logging.enabled=true''' and restart the browser OR launch the browser with the '''MOZ_SANDBOX_LOGGING''' environment variable set.
 
* If Console.app is not already running at the time of the sandbox violation, the violation is not reliably logged.
* As of build 56, where filesystem read access restrictions were tightened, running Firefox always triggers sandbox violations and these will be logged. For example, plugin-container attempts to access /Applications and /Users (bug 1378968). We want to address these when possible, but some violations are complicated to avoid or are triggered by OS X library code that can't be avoided yet.


=== Linux specific Sandbox Logging ===
=== Linux specific Sandbox Logging ===
Haftandilian
202

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/1249919"