Closed Bug 1284458 Opened 4 years ago Closed 2 years ago

nsPluginHost::GetPluginTempDir should return a sandbox writeable temp (Linux)

Categories

(Core :: Plug-ins, defect, P3)

All
Linux
defect

Tracking

()

RESOLVED INVALID

People

(Reporter: tedd, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: sb+)

Attachments

(1 file)

Similar to Bug 1270018, nsPluginHost::GetPluginTempDir should return a directory that is created by the parent and writable by a sandboxed content process.

This would allow us to remove sys_mkdir from the seccomp whitelist.

Removing sys_mkdir leads to the attached crashes.
Haik, is this related to bug 1270018?
Flags: needinfo?(haftandilian)
It is related, but linux specific which isn't in use yet on linux. It's also tracked under our linux milestone.
Flags: needinfo?(haftandilian)
Priority: -- → P3
OS: Unspecified → Linux
Hardware: Unspecified → All
When we fix this we need to enable the code in bug 1270018 on linux, and open up access to that specific directory.
Summary: nsPluginHost::GetPluginTempDir should return a sandbox writeable temp → nsPluginHost::GetPluginTempDir should return a sandbox writeable temp (Linux)
Whiteboard: sblc2 → sblc3
Whiteboard: sblc3 → sblc5
Whiteboard: sblc5 → sblc4
Whiteboard: sblc4 → sblc3
We allow write access to /tmp, and /tmp has the X11 sockets. So we do want to take a look at this, and probably at least block out the X11 dir.
Whiteboard: sblc3 → sb+
|GetPluginTempDir| no longer exists so this is no longer a problem.
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.