Bug 1732580 Comment 16 Edit History

Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.

I would expect https://searchfox.org/mozilla-central/source/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp#499 to pick up binaries shipped alongside Firefox. I guess what's happening here is that the library is shipped in the snap (but not in the default system), not next to the binary, and then "something" is done to make the dynamic linker pick it up? 

Our sandbox knows about LD_LIBRARY_PATH and such https://searchfox.org/mozilla-central/rev/c3d7964c593e0bedabea2fea0b35ba243cf9e696/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp#258 but I guess this is using something different?

In general, read-only permission to trusted system library dirs should not be a security concern.

I would expect https://searchfox.org/mozilla-central/source/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp#499 to pick up libraries shipped alongside Firefox. I guess what's happening here is that the library is shipped in the snap (but not in the default system), not next to the binary, and then "something" is done to make the dynamic linker pick it up? 

Our sandbox knows about LD_LIBRARY_PATH and such https://searchfox.org/mozilla-central/rev/c3d7964c593e0bedabea2fea0b35ba243cf9e696/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp#258 but I guess this is using something different?

In general, read-only permission to trusted system library dirs should not be a security concern.
