Calling localtime() and similar functions causes libc to open the files containing the time zone data. Chromium intercepts the library call and remotes it (https://crbug.com/16800) to avoid this, because they hadn't invented seccomp-bpf yet. To get bug 930258 landed we can remote the file open instead, but on B2G we'll have to have entries for /system/usr/share/zoneinfo/tzdata and /system//usr/share/zoneinfo/tzdata (with extra slash) because the code that does the open changed in Lollipop[*] and the file broker currently doesn't try to normalize or interpret paths from the (untrusted!) client before checking the policy. [*] https://android.googlesource.com/platform/bionic.git/+/cf178bf7d0300edfeec3%5E!/ As for desktop, I can *hope* content will only ever need to open "/etc/localtime", but I may be disappointed. Longer-term we might prefer higher-level remoting like what Chromium does.
We currently allow /etc access read only. https://dxr.mozilla.org/mozilla-central/rev/52285ea5e54c73d3ed824544cef2ee3f195f05e6/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp#101
Priority: -- → P3
You need to log in before you can comment on or make changes to this bug.