On linux systems, if the content process is compromised, the sandbox broker will allow files to be truncated even though the sandbox explicitly only has read access to the local file system and no write permissions. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/#CVE-2017-7794 Acknowledgements: Name: the Mozilla project Upstream: Jann Horn