Open
Bug 1198515
Opened 9 years ago
Updated 2 years ago
Profiler opens files for every loaded object in sandboxed content processes
Categories
(Core :: Security: Process Sandboxing, defect, P3)
Tracking
()
NEW
Tracking | Status | |
---|---|---|
firefox43 | --- | affected |
People
(Reporter: jld, Unassigned)
References
Details
(Whiteboard: sb+)
See `getId` at the top of tools/profiler/core/shared-libraries-linux.cc; the “file identifier” stuff finds and opens and reads the file in question, even if everything it needs is in the process's extant memory mappings. This is applied to every object loaded into the address space — all libraries, the executable, and the dynamic linker. It even tries to open non-files like "[vdso]", but that can be ignored here.
So I'll need to whitelist all of that for bug 930258 (on top of having to whitelist library directories for dynamic loading, which is bug 1026356), but there might be a better way to handle this.
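The report's point that an identifier can come from mappings already in the address space, as an added example (not part of the original report and not Mozilla's code): it reads the running executable's GNU build ID from its in-memory PT_NOTE segment without calling open(). It assumes the identifier wanted is the GNU build-ID note, which the bug does not state, and the function names are hypothetical.

```c
#include <elf.h>
#include <link.h>       /* ElfW() */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/auxv.h>

/* Added example; assumes the wanted ID is the GNU build-ID note. Returns its length, 0 if none. */
size_t find_build_id(const uint8_t *p, size_t len, const uint8_t **id) {
    while (len >= sizeof(ElfW(Nhdr))) {
        ElfW(Nhdr) nh;
        memcpy(&nh, p, sizeof nh);
        p += sizeof nh; len -= sizeof nh;
        if (nh.n_namesz > len || nh.n_descsz > len) return 0; /* sizes exceed region */
        size_t name = ((size_t)nh.n_namesz + 3) & ~(size_t)3; /* 4-byte padding */
        size_t desc = ((size_t)nh.n_descsz + 3) & ~(size_t)3;
        if (name > len || desc > len - name) return 0;        /* truncated note */
        int hit = nh.n_type == NT_GNU_BUILD_ID && nh.n_namesz == 4 && !memcmp(p, "GNU", 4);
        if (hit) { *id = p + name; return nh.n_descsz; }
        p += name + desc; len -= name + desc;
    }
    return 0;
}

/* One loaded image; args match dl_iterate_phdr()'s dlpi_phdr, dlpi_phnum, dlpi_addr. */
size_t image_build_id(const ElfW(Phdr) *ph, size_t n, uintptr_t bias, const uint8_t **id) {
    for (size_t i = 0; ph && i < n; i++) {
        if (ph[i].p_type != PT_NOTE) continue;
        size_t len = find_build_id((const uint8_t *)(bias + ph[i].p_vaddr), ph[i].p_memsz, id);
        if (len) return len;
    }
    return 0;
}

/* The running executable: headers come from the auxiliary vector, no open(). */
size_t self_build_id(const uint8_t **id) {
    const ElfW(Phdr) *ph = (const ElfW(Phdr) *)getauxval(AT_PHDR);
    size_t n = getauxval(AT_PHNUM);
    uintptr_t bias = 0;
    for (size_t i = 0; ph && i < n; i++)   /* PT_PHDR gives the load bias (PIE) */
        if (ph[i].p_type == PT_PHDR) bias = (uintptr_t)ph - ph[i].p_vaddr;
    return image_build_id(ph, n, bias, id);
}

int main(void) {
    const uint8_t *id = NULL;
    size_t n = self_build_id(&id);
    for (size_t i = 0; i < n; i++) printf("%02x", id[i]);
    return puts(n ? "" : "(no build ID note)") == EOF;
}
```

An object linked without a build-ID note yields 0 here, so a caller would still need some fallback identifier for that case.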
Updated • 9 years ago
Whiteboard: sb+
Updated • 7 years ago
Priority: -- → P3
Updated • 2 years ago
Severity: normal → S3