xz: Enable Capsicum sandboxing by default if available.

It has been enabled in FreeBSD for a while and reported to work fine. Thanks to Xin Li.
2020-02-05 19:56:09 +02:00 · 2020-02-05 19:56:09 +02:00 · 609c706785
parent 00517d125c
commit 609c706785
2 changed files with 4 additions and 10 deletions
--- a/6
+++ b/6
@ -403,12 +403,6 @@ XZ Utils Installation
                                one thread, something bad may happen.

    --enable-sandbox=METHOD
-                This feature is EXPERIMENTAL in the XZ Utils 5.2.x and
-                disabled by default. If you test this, look especially
-                if message translations and locale-specific decimal and
-                thousand separators (e.g. xz --list foo.xz) work the
-                same way as they do without sandboxing.
-
                There is limited sandboxing support in the xz tool. If
                built with sandbox support, it's used automatically when
                (de)compressing exactly one file to standard output and
--- a/configure.ac
+++ b/configure.ac
@ -498,10 +498,10 @@ AM_CONDITIONAL([COND_SYMVERS], [test "x$enable_symbol_versions" = xyes])

 AC_MSG_CHECKING([if sandboxing should be used])
 AC_ARG_ENABLE([sandbox], [AS_HELP_STRING([--enable-sandbox=METHOD],
-		[This is an experimental feature.
-		Sandboxing METHOD can be `auto', `no', or `capsicum'.
-		The default is `no'.])],
-	[], [enable_sandbox=no])
+		[Sandboxing METHOD can be `auto', `no', or `capsicum'.
+		The default is `auto' which enables sandboxing if
+		a supported sandboxing method is found.])],
+	[], [enable_sandbox=auto])
 case $enable_sandbox in
 	auto)
 		AC_MSG_RESULT([maybe (autodetect)])