From 3a94093e139087160c58368eadc7a0327ad7a110 Mon Sep 17 00:00:00 2001 From: girst Date: Thu, 26 Sep 2019 22:03:26 +0200 Subject: [PATCH] Document config file sandboxing issues and workarounds on Fx57+ Further discussion in bug #939. --- documentation/config-file.md | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/documentation/config-file.md b/documentation/config-file.md index 324acc7..42a62f2 100644 --- a/documentation/config-file.md +++ b/documentation/config-file.md @@ -47,8 +47,8 @@ Follow these steps to get started: 4. If you are running Firefox 57+, whitelist the `config_file_directory` by setting `security.sandbox.content.read_path_whitelist` (Linux and Windows) or `security.sandbox.content.mac.testing_read_path1` (OS X) to the absolute path - of the config directory (`~` not supported) ending on `/` (or `\`). Restart - the browser after modifying these prefs. + of the config directory (`~` not supported) ending on `/` (or `\`). You may + have to restart the browser after modifying these prefs. 5. Run the `gC` command in VimFx. That needs to be done any time you change `config_file_directory`, or edit `config.js` or `frame.js`. This tells VimFx @@ -209,9 +209,8 @@ them inside the whitelisted directory or add their paths to the systems; OS X users may be able to write to the `extensions` and `chrome` subdirectories inside the profile directory instead. -If all fails, one can also weaken the sandbox by setting -`security.sandbox.content.level` to 2, but keep in mind that this will open up -a [potentially devastating security hole]. +Weakening the sandbox by setting `security.sandbox.content.level` to 2 is not +recommended, as this will open up a [potentially devastating security hole]. [undocumented prefs]: https://hg.mozilla.org/mozilla-central/file/c31591e0b66f277398bee74da03c49e8f8a0ede0/dom/ipc/ContentChild.cpp#l1701 [potentially devesatating security hole]: https://bugzilla.mozilla.org/show_bug.cgi?id=1221148#c30 -- 2.39.3