Closed
Bug 1284458
Opened 8 years ago
Closed 7 years ago
nsPluginHost::GetPluginTempDir should return a sandbox writeable temp (Linux)
Categories
(Core Graveyard :: Plug-ins, defect, P3)
Tracking
(Not tracked)
RESOLVED
INVALID
People
(Reporter: tedd, Unassigned)
References
(Blocks 1 open bug)
Details
(Whiteboard: sb+)
Attachments
(1 file)
13.13 KB,
text/x-log
|
Details |
Similar to Bug 1270018, nsPluginHost::GetPluginTempDir should return a directory that is created by the parent and writable by a sandboxed content process. This would allow us to remove sys_mkdir from the seccomp whitelist. Removing sys_mkdir leads to the attached crashes.
Comment 2•8 years ago
|
||
It is related, but linux specific which isn't in use yet on linux. It's also tracked under our linux milestone.
Flags: needinfo?(haftandilian)
Updated•8 years ago
|
Priority: -- → P3
Updated•8 years ago
|
OS: Unspecified → Linux
Hardware: Unspecified → All
Comment 3•8 years ago
|
||
When we fix this we need to enable the code in bug 1270018 on linux, and open up access to that specific directory.
Updated•8 years ago
|
Summary: nsPluginHost::GetPluginTempDir should return a sandbox writeable temp → nsPluginHost::GetPluginTempDir should return a sandbox writeable temp (Linux)
Updated•7 years ago
|
Whiteboard: sblc2 → sblc3
Updated•7 years ago
|
Whiteboard: sblc3 → sblc5
Updated•7 years ago
|
Whiteboard: sblc5 → sblc4
Updated•7 years ago
|
Whiteboard: sblc4 → sblc3
Comment 4•7 years ago
|
||
We allow write access to /tmp, and /tmp has the X11 sockets. So we do want to take a look at this, and probably at least block out the X11 dir.
Updated•7 years ago
|
Whiteboard: sblc3 → sb+
Comment 5•7 years ago
|
||
|GetPluginTempDir| no longer exists so this is no longer a problem.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → INVALID
Updated•2 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•