59 bytes, text/x-review-board-request
Once bug 1361338 lands and only the parent process is registered for accessibility, we should be able to back out bug 1361238 and take away accept4 again. All things considered it's not the worst system call to have to allow, because the process has to acquire a listening socket from a trusted source in order to use it, but the principle of least privilege applies.
Comment on attachment 8881552 [details] Bug 1362537 - Re-disallow accept4 in Linux content processes. https://reviewboard.mozilla.org/r/152726/#review157846
Attachment #8881552 - Flags: review?(gpascutto) → review+
Pushed by firstname.lastname@example.org: https://hg.mozilla.org/integration/autoland/rev/2fe9bcd421ff Re-disallow accept4 in Linux content processes. r=gcp
For reference, I tested this locally: start orca, start Firefox with GNOME_ACCESSIBILITY=1, load some pages, then `orca -l`.
You need to log in before you can comment on or make changes to this bug.