From aa5cc6df7e5804ab07dcf4e31ff98c589aabd874 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Jan=20R=C4=99korajski?= Date: Wed, 6 Oct 2021 19:20:51 +0200 Subject: [PATCH] - really lower sandbox level to 2 for glibc 2.34, rel 3 --- firefox.spec | 2 +- glibc-2.34.patch | 14 ++++++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/firefox.spec b/firefox.spec index 9a41133..7af62a8 100644 --- a/firefox.spec +++ b/firefox.spec @@ -49,7 +49,7 @@ Summary(hu.UTF-8): Firefox web böngésző Summary(pl.UTF-8): Firefox - przeglądarka WWW Name: firefox Version: 93.0 -Release: 2 +Release: 3 License: MPL v2.0 Group: X11/Applications/Networking Source0: https://releases.mozilla.org/pub/firefox/releases/%{version}/source/firefox-%{version}.source.tar.xz diff --git a/glibc-2.34.patch b/glibc-2.34.patch index d2cef94..916a879 100644 --- a/glibc-2.34.patch +++ b/glibc-2.34.patch @@ -12,3 +12,17 @@ pref("general.useragent.compatMode.firefox", false); pref("general.config.obscure_value", 13); // for MCD .cfg files +--- firefox-93.0/browser/app/profile/firefox.js~ 2021-10-06 09:50:42.000000000 +0200 ++++ firefox-93.0/browser/app/profile/firefox.js 2021-10-06 19:19:15.409293732 +0200 +@@ -1233,7 +1233,10 @@ + // the sandbox while we fix their problems, or to allow running Firefox with + // exotic configurations we can't reasonably support out of the box. + // +- pref("security.sandbox.content.level", 4); ++// Lower from 4 to 2 due to extension problems on glibc 2.34 ++// https://lists.pld-linux.org/mailman/pipermail/pld-devel-en/2021-October/026375.html ++// https://wiki.mozilla.org/Security/Sandbox#Content_Levels ++ pref("security.sandbox.content.level", 2); + // Introduced as part of bug 1608558. Linux is currently the only platform + // that uses a sandbox level for the socket process. There are currently + // only 2 levels: -- 2.44.0