a35404cae9
to be read, as openssl 1.1.1 FIPS aborts if it cannot access it (bsc#1167132) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=814
17 lines
786 B
Diff
17 lines
786 B
Diff
From: meissner@suse.com
|
|
Subject: allow Firefox to access addtional process information
|
|
Reference: http://bugzilla.suse.com/show_bug.cgi?id=1167132
|
|
|
|
Index: firefox-74.0/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
|
|
===================================================================
|
|
--- firefox-74.0.orig/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
|
|
+++ firefox-74.0/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
|
|
@@ -276,6 +276,7 @@ SandboxBrokerPolicyFactory::SandboxBroke
|
|
|
|
// Read permissions
|
|
policy->AddPath(rdonly, "/dev/urandom");
|
|
+ policy->AddPath(rdonly, "/proc/sys/crypto/fips_enabled");
|
|
policy->AddPath(rdonly, "/proc/cpuinfo");
|
|
policy->AddPath(rdonly, "/proc/meminfo");
|
|
policy->AddDir(rdonly, "/sys/devices/cpu");
|