Ludovic Courtès <[email protected]> writes:
> Hi Julien, > > Julien Lepiller <[email protected]> skribis: > >> Try setting security.sandbox.content.read_path_whitelist to /gnu/store/ >> (with a leading /) in about:config. > > Setting it to “/gnu/store/” (with a trailing slash) works, thank you! > > It turns out that setting LIBGL_DRIVERS_PATH is even unnecessary. > > I suppose we should patch the default value of > ‘security.sandbox.content.read_path_whitelist’ in our package. What do > people think? It isn’t much of a sandbox if all of /gnu/store would be permitted. Can this be reduced to the paths of store items that are known at build time? -- Ricardo
