From 0d65bbf3126d4e73088b2ee5f7f4a7c3cbe9c1af Mon Sep 17 00:00:00 2001
From: glitsj16 <glitsj16@users.noreply.github.com>
Date: Thu, 19 Dec 2019 19:36:08 +0000
Subject: Fix Brave's native sandbox (#3087)

* Allow user access to /proc/config.gz

* Fix Brave's native sandbox

* Move /proc/config.gz to disable-common.inc

* Move /proc/config.gz to disable-common.inc
---
 etc/brave.profile      | 3 +++
 etc/disable-common.inc | 3 +++
 2 files changed, 6 insertions(+)

(limited to 'etc')

diff --git a/etc/brave.profile b/etc/brave.profile
index 984fab5a8..7cd925a4c 100644
--- a/etc/brave.profile
+++ b/etc/brave.profile
@@ -20,5 +20,8 @@ whitelist ${HOME}/.config/brave
 whitelist ${HOME}/.config/BraveSoftware
 whitelist ${HOME}/.gnupg
 
+# Brave sandbox needs read access to /proc/config.gz
+noblacklist /proc/config.gz
+
 # Redirect
 include chromium-common.profile
diff --git a/etc/disable-common.inc b/etc/disable-common.inc
index 137e4f8bd..16f231108 100644
--- a/etc/disable-common.inc
+++ b/etc/disable-common.inc
@@ -452,3 +452,6 @@ blacklist ${HOME}/Mail
 blacklist ${HOME}/mail
 blacklist ${HOME}/postponed
 blacklist ${HOME}/sent
+
+# kernel configuration
+blacklist /proc/config.gz
-- 
cgit v1.2.3-70-g09d2