1198515 - Profiler opens files for every loaded object in sandboxed content processes

Status: NEW

(Core :: Security: Process Sandboxing, defect, P3)

Description

[Jed Davis [:jld] ⟨⏰|UTC-7⟩ ⟦he/him⟧]

See `getId` at the top of tools/profiler/core/shared-libraries-linux.cc; the “file identifier” stuff finds and opens and reads the file in question, even if everything it needs is in the process's extant memory mappings.  This is applied to every object loaded into the address space — all libraries, the executable, and the dynamic linker.  It even tries to open non-files like "[vdso]", but that can be ignored here.

So I'll need to whitelist all of that for bug 930258 (on top of having to whitelist library directories for dynamic loading, which is bug 1026356), but there might be a better way to handle this.