From 75824be1ac60b39e123e6ee9617a64bbf2ee4add Mon Sep 17 00:00:00 2001
From: Andrew Tropin <andrew@trop.in>
Date: Tue, 24 Sep 2024 12:24:33 +0400
Subject: gnu: librewolf: Add rdd paths allowlist patch.

* gnu/packages/patches/librewolf-add-paths-to-rdd-allowlist.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it here.

Change-Id: Ice417148b0ddf9acf0062eb6d16a875a81e350e6
---
 .../patches/librewolf-add-paths-to-rdd-allowlist.patch        | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 gnu/packages/patches/librewolf-add-paths-to-rdd-allowlist.patch

(limited to 'gnu/packages/patches')

diff --git a/gnu/packages/patches/librewolf-add-paths-to-rdd-allowlist.patch b/gnu/packages/patches/librewolf-add-paths-to-rdd-allowlist.patch
new file mode 100644
index 0000000000..1bee0bddf5
--- /dev/null
+++ b/gnu/packages/patches/librewolf-add-paths-to-rdd-allowlist.patch
@@ -0,0 +1,11 @@
+--- a/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
++++ b/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
+@@ -920,6 +920,8 @@
+   policy->AddDir(rdonly, "/usr/lib64");
+   policy->AddDir(rdonly, "/run/opengl-driver/lib");
+   policy->AddDir(rdonly, "/nix/store");
++  policy->AddDir(rdonly, "/gnu/store");
++  policy->AddDir(rdonly, "/run/current-system/profile/lib");
+
+   // Bug 1647957: memory reporting.
+   AddMemoryReporting(policy.get(), aPid);
-- 
cgit v1.2.3