202
edits
Security/Sandbox: Difference between revisions
Jump to navigation
Jump to search
Updated OS X violation logging details
Haftandilian (talk | contribs) (Updated OS X violation logging details) |
Haftandilian (talk | contribs) (Updated OS X violation logging details) |
||
| Line 379: | Line 379: | ||
=== OSX Specific === | === OSX Specific === | ||
On Mac, sandbox violation logging is disabled by default. | On Mac, sandbox violation logging is disabled by default. To enable logging, | ||
To enable logging, | |||
# Launch the OS X Console app (/Applications/Utilities/Console.app) and filter on "plugin-container". | # Launch the OS X Console app (/Applications/Utilities/Console.app) and filter on "plugin-container". | ||
# Either set the pref security.sandbox.logging.enabled=true and restart the browser OR launch the browser with the MOZ_SANDBOX_LOGGING environment variable set. | # Either set the pref '''security.sandbox.logging.enabled=true''' and restart the browser OR launch the browser with the '''MOZ_SANDBOX_LOGGING''' environment variable set. | ||
* If Console.app is not already running at the time of the sandbox violation, the violation is not reliably logged. | * If Console.app is not already running at the time of the sandbox violation, the violation is not reliably logged. | ||
* As of build 56, where filesystem read access restrictions were tightened, running Firefox always triggers sandbox violations and these will be logged. For example, plugin-container attempts to access /Applications and /Users (bug 1378968). We want to address these when possible, but some violations are complicated to avoid or are triggered by OS X library code that can't be avoided yet. | |||
=== Linux specific === | === Linux specific === | ||