Open
Bug 1288384
Opened 8 years ago
Updated 2 years ago
Restrict sys_mremap flag argument in seccomp
Categories
(Core :: Security: Process Sandboxing, defect, P3)
Tracking
()
NEW
People
(Reporter: tedd, Unassigned)
References
Details
(Whiteboard: sblc5)
sys_mremap is used in the implementation of libc realloc(). Currently we whitelist the system call if MOZ_MEMORY is not defined (jemalloc is used). But we may want to only allow certain flags to improve the overall security of the sandbox, this may impact performance but it is unclear how big of an impact it is and if it is acceptable or not. See Bug 1286119 Comment 1 for more details.
Reporter | ||
Updated•8 years ago
|
Whiteboard: sblc1 → sblc2
Updated•7 years ago
|
Whiteboard: sblc2 → sblc4
Updated•7 years ago
|
Whiteboard: sblc4 → sblc5
Updated•7 years ago
|
Priority: -- → P3
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•