com.apple.pasteboard.1 is the pasteboard service -- it does things like copy paste, intraprocess services (e.g. "look this word up in the dictionary", and drag-and-drop: https://developer.apple.com/library/content/documentation/Cocoa/Conceptual/PasteboardGuide106/Articles/pbConcepts.html From local testing, removing access to this in the content process generates some denied log messages at process startup, but all the functionality I just described continues to work.

Comment on attachment 8895413 [details] Bug 1388454 - remove access to the com.apple.pasteboard.1 mach service from content processes; https://reviewboard.mozilla.org/r/166592/#review171720 r+. Could you document the error messages in the bug so they'll show up in searches? I suspect they're triggered by native event loop code like the existing pasteboard messages that we see.

Sure, the errors are: SandboxViolation: plugin-container(23302) deny(1) mach-lookup com.apple.pasteboard.1 Failed to obtain 'pboard' service port: <error: 0x7fffee22dca0> { count = 1, transaction: 0, voucher = 0x0, contents = "XPCErrorDescription" => <string: 0x7fffee22df18> { length = 18, contents = "Connection invalid" } } Connection to 'pboard' server had an error: <error: 0x7fffee22dca0> { count = 1, transaction: 0, voucher = 0x0, contents = "XPCErrorDescription" => <string: 0x7fffee22df18> { length = 18, contents = "Connection invalid" } } failed to create global data

Pushed by ryanvm@gmail.com: https://hg.mozilla.org/integration/autoland/rev/b8bfa5135498 remove access to the com.apple.pasteboard.1 mach service from content processes; r=haik