Closed Bug 1354731 Opened 7 years ago Closed 7 years ago

OpenGL drivers try to mknod() their device nodes

Categories: Core :: Security: Process Sandboxing, enhancement
Unspecified, Linux, enhancement, Not set, normal

Tracking: RESOLVED FIXED, mozilla55
Tracking Status: firefox55 --- fixed

People: Reporter: jld, Assigned: jld

Details: Whiteboard: sb+

Attachments: 1 file

I'm seeing this on amd64 with nvidia drivers (0xc3fe == 195, 254) and x86 with ATI fglrx drivers (0xf901 == 249, 1).

We should probably just soft-fail these — I assume the drivers are doing this as a last-ditch attempt after finding the device nodes don't exist, on the off chance the process happens to have CAP_MKNOD (and they don't test for that or euid 0 because it's easier/cleaner just to try the mknod and let it fail).

I'm not sure if we should try to limit that rule to the specific major numbers seen here, or just apply it to all attempts to mknod a device.  (Linux best practice is to dynamically allocate device major numbers, but if they're being mknod()ed like this then I think that implies they're statically allocated?)
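
The choice raised in this report, as an added example (not the attached patch and not Firefox's sandbox code): a model of the check a seccomp policy would make on the mknod/mknodat arguments, covering both options, every character device or only listed major numbers. The names and the choice of EPERM as the quiet errno are assumptions.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MODE_FMT 0170000u  /* Linux S_IFMT: file-type bits of mode */
#define MODE_CHR 0020000u  /* Linux S_IFCHR: character device */

enum call { CALL_MKNOD, CALL_MKNODAT };  /* hypothetical tags */
struct devnum { unsigned maj, min; };

/* Unpack the device number as the mknod syscall argument carries it:
 * bits 8-19 hold the major, bits 0-7 and 20-31 the minor. */
static struct devnum decode_dev(uint32_t dev)
{
    struct devnum d;
    d.maj = (dev & 0xfff00u) >> 8;
    d.min = (dev & 0xffu) | ((dev >> 12) & 0xfff00u);
    return d;
}

/* Returns the errno to hand back quietly, or 0 to leave the call to the
 * sandbox's normal violation handling. majors == NULL soft-fails every
 * character device; otherwise only the listed major numbers. */
static int soft_fail_errno(enum call c, const uint64_t args[6],
                           const unsigned *majors, size_t nmajors)
{
    /* mknod(path, mode, dev) vs. mknodat(dirfd, path, mode, dev) */
    size_t mode_idx = (c == CALL_MKNODAT) ? 2 : 1;
    uint32_t mode = (uint32_t)args[mode_idx];
    struct devnum d = decode_dev((uint32_t)args[mode_idx + 1]);
    if ((mode & MODE_FMT) != MODE_CHR)
        return 0;              /* FIFO, block device, regular file... */
    if (majors == NULL)
        return EPERM;          /* what mknod gives without CAP_MKNOD */
    for (size_t i = 0; i < nmajors; i++)
        if (majors[i] == d.maj)
            return EPERM;
    return 0;
}

int main(void)
{
    /* Constructed call record using the nvidia value from the report. */
    uint64_t args[6] = { 0, MODE_CHR | 0666, 0xc3fe };
    struct devnum d = decode_dev(0xc3fe);
    printf("%u,%u -> %d\n", d.maj, d.min, soft_fail_errno(CALL_MKNOD, args, NULL, 0));
    return 0;
}
```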

Comment on attachment 8857267
Bug 1354731 - Quietly fail mknod of character devices in content sandbox.

https://reviewboard.mozilla.org/r/129202/#review131926

Attachment #8857267 - Flags: review?(gpascutto) → review+
Assignee: nobody → jld

Pushed by jedavis@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/9135513229b9
Quietly fail mknod of character devices in content sandbox. r=gcp

Whiteboard: sb? → sb+

https://hg.mozilla.org/mozilla-central/rev/9135513229b9
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla55