From 77c0a35af24f3bc7c3eda7292225a3052f0d2ebd Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Mon, 1 Nov 2021 16:52:40 -0400 Subject: gnu: icecat: Add system fonts directory to the sandbox whitelist. Mitigates . * gnu/packages/gnuzilla.scm (icecat)[arguments]: In the 'build-sandbox-whitelist' phase, add "/run/current-system/profile/share/fonts/" to the whitelist. --- gnu/packages/gnuzilla.scm | 1 + 1 file changed, 1 insertion(+) diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm index 3aa39bc806..a1f6b5738a 100644 --- a/gnu/packages/gnuzilla.scm +++ b/gnu/packages/gnuzilla.scm @@ -1138,6 +1138,7 @@ (define (runpaths-of-input label) "/share/mime") ,(string-append (assoc-ref inputs "font-dejavu") "/share/fonts") + "/run/current-system/profile/share/fonts" ,@(append-map runpaths-of-input '("mesa" "ffmpeg")))))) (whitelist-string (string-join whitelist ",")) -- cgit v1.2.3