From bca2aee38bfe9c38be6e3c4588d619d479dbb524 Mon Sep 17 00:00:00 2001 From: girst Date: Fri, 9 Jun 2023 16:10:45 +0200 Subject: [PATCH] fix sandbox detection this was backwads. filesystem reads are blocked on level 3 or above. also renaming this function to better capture what it does (returns true if sandbox likely prevents config file access). see also: https://wiki.mozilla.org/Security/Sandbox#Linux https://searchfox.org/mozilla-central/search?q=security.sandbox.content.level&path=browser%2Fapp%2Fprofile%2Ffirefox.js --- extension/lib/config.coffee | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/extension/lib/config.coffee b/extension/lib/config.coffee index 65658cd..30c9e1a 100644 --- a/extension/lib/config.coffee +++ b/extension/lib/config.coffee @@ -30,11 +30,12 @@ load = (vimfx, options = null, callback = ->) -> messageManager.send('loadConfig', null, callback) -checkSandbox = (dir) -> +sandboxPreventsAccess = (dir) -> expandedDir = utils.expandPath(dir) + prefix = 'security.sandbox.content' - if prefs.root.get("#{prefix}.level") > 2 - return true + if prefs.root.get("#{prefix}.level") <= 2 + return false if Services.appinfo.OS == 'Darwin' whitelisted = [ @@ -43,6 +44,7 @@ checkSandbox = (dir) -> ] else whitelisted = prefs.root.get("#{prefix}.read_path_whitelist").split(',') + return not whitelisted.some((e) -> e.startsWith(expandedDir)) loadFile = (dir, file, scope) -> @@ -66,7 +68,7 @@ loadFile = (dir, file, scope) -> # without explanation. if typeof error == 'string' and error.startsWith('Error opening input stream (invalid filename?)') and - checkSandbox(dir) + sandboxPreventsAccess(dir) console.error("VimFx: Error loading #{file} likely due to e10s sandbox") console.info("Please consult VimFx' documentation on config files.") else -- 2.39.3