Closed Bug 1285902 Opened 4 years ago Closed 4 years ago

Seccomp sandbox violation: sys_msgget called in content process of Firefox desktop

Categories

(Core :: Security: Process Sandboxing, defect)

defect
Not set
normal

Tracking

()

RESOLVED FIXED
mozilla50
Tracking Status
firefox50 --- fixed

People

(Reporter: tedd, Assigned: tedd)

References

Details

(Whiteboard: sblc1)

Crash Data

Attachments

(1 file)

A note to avoid missing an architecture when fixing this: sys_msgget and other ipc calls [1] are dispatched to EvaluateIpcCall() and need to be whitelisted there. Similar to the patch in Bug 1286033.

[1] https://dxr.mozilla.org/mozilla-central/rev/23dc78b7b57e9f91798ea44c242a04e112c37db0/security/sandbox/linux/SandboxFilterUtil.cpp#100
Whiteboard: sblc1
Crash Signature: [@ libc-2.19.so@0xfbe27 ] [@ libc-2.19.so@0xe6437 ]
Try push: https://treeherder.mozilla.org/#/jobs?repo=try&revision=b0a900af7468
Assignee: nobody → julian.r.hector
Status: NEW → ASSIGNED
Attachment #8771451 - Flags: review?(gpascutto)
Attachment #8771451 - Flags: review?(gpascutto) → review+
Try in Comment 2
Keywords: checkin-needed
Pushed by cbook@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/4f3556a9addc
Add sys_msgget to seccomp whitelist. r=gcp
Keywords: checkin-needed
https://hg.mozilla.org/mozilla-central/rev/4f3556a9addc
Status: ASSIGNED → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla50
You need to log in before you can comment on or make changes to this bug.