[https://dxr.mozilla.org/mozilla-central/search?q=class+GMPSandboxPolicy Filter ruleset]
=== Customization Settings ===
The Linux sandbox allows some amount of control over the sandbox policy through various about:config settings. These are meant to allow more non-standard configurations and exotic distributions to stay working - without compiling custom versions of Firefox - even if they can't be directly supported by the default configuration.
See [[Security/Sandbox#Linux_specific|Activity Logging]] for information on how to debug these scenarios.
security.sandbox.content.read_path_whitelist<br/>
security.sandbox.content.write_path_whitelist
* Comma-separated list of additional paths that the content process is allowed to read from or write to, respectively.
security.sandbox.content.syscall_whitelist
* Comma-seperated list of additional system call numbers that should be allowed in the content process. These affect the seccomp-bpf filter.
= Preferences =