Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-08-03 12:40:06 +01:00
Code Issues Projects Releases Packages Wiki Activity

Don't allow processes to be executed inside /private/var or Autosave Info

Browse source
This commit is contained in:
Patrick Walton 2012-08-21 17:16:16 -07:00
parent 90b59b1f50
commit b10b669575
1 changed files with 4 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/etc/servo.sb
View file

@ -18,6 +18,10 @@
(allow process-exec (allow process-exec
(regex #"/servo$")) (regex #"/servo$"))
(deny process-exec
(regex #"^/Users/[^/]+/Library/Autosave Information")
(subpath "/private/var"))
(allow sysctl-read) (allow sysctl-read)
(allow sysctl-write) (allow sysctl-write)
(allow ipc-posix-shm) (allow ipc-posix-shm)