On Mon, 28 Oct 2019 at 20:04:06 +0100, Sebastien Marie wrote:
> On Mon, Oct 28, 2019 at 09:26:09AM +0100, Klemens Nanni wrote:
> > On Sun, Oct 27, 2019 at 12:56:40PM -0500, joshua stein wrote:
> > > As a workaround, you can add this to
> > > /usr/local/lib/thunderbird/defaults/pref/all-openbsd.js:
> > >
> > > pref("security.sandbox.pledge.main", "junk");
> > >
> > > That will cause pledge() to fail rather than continuing with an
> > > empty list of pledge promises.
> > I appended this line to ~/.thunderbird/*.default/prefs.js and
> > thunderbird starts again, thanks. semarie also mentioned this as
> > workaround off-list.
> >
> > However, prefs.js seems to be rewritten, so closing and opening
> > Thunderbird results in SIGBART again. Won't happen with the global
> > all-openbsd.js for sure, though.
> >
>
> Hi,
>
> The following diff should unbreak mail/mozilla-thunderbird for now.
>
> It is a quick fix to have usuable thunderbird, waiting for a proper fix.
>
> It just adds invalid promises (instead of the default valid empty promise). It
> will make thunderbird to show a warning and will effectively disable pledge(2)
> (as before without sandbox).
>
> Comments or OK ?
Either pass --disable-sandbox in CONFIGURE_ARGS to disable the
pledge code, or someone that uses Thunderbird can figure out which
pledge promises are actually needed to make it work and add those to
all-openbsd.js.
It doesn't really make sense to keep building it with sandboxing
enabled just to disable it from the preferences.
