Closed Bug 1396733 Opened 7 years ago Closed 7 years ago

[flatpak] add /run/host/fonts to the sandbox whitelist

Categories

(Core :: Security: Process Sandboxing, enhancement, P1)

All
Linux
enhancement

Tracking

RESOLVED FIXED
mozilla57
Tracking Status
firefox57 --- fixed

People

(Reporter: jhorak, Assigned: gcp)

References

(Blocks 1 open bug)

Attachments

(1 file)

Currently access is allowed to [1]:
/usr/X11R6/lib/X11/fonts
/usr/share
which covers loading system-installed fonts.
Flatpak puts fonts installed on the host in /run/host/fonts. Currently the Firefox sandbox denies access to this location, which leads to missing letters when a specific font is used on a page. See report [2].

[1] https://dxr.mozilla.org/mozilla-central/rev/632e42dca494ec3d90b70325d9c359f80cb3f38a/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp#98
[2] https://github.com/xhorak/firefox-devedition-flatpak/issues/36
Blocks: flatpak
You need /run/host/fonts/user-fonts too. That is where the $HOME/.fonts (or equivalent) fonts show up (as your app might not have generic homedir access)
Assignee: nobody → gpascutto
Priority: -- → P1
(In reply to Alexander Larsson from comment #1)
> You need /run/host/fonts/user-fonts too. That is where the $HOME/.fonts (or
> equivalent) fonts show up (as your app might not have generic homedir access)

We allow $HOME/.fonts specifically so that one should be fine.
What I mean is that a flatpak sandboxed app (say firefox) typically does not have full access to the normal filesystem. So, the files in /home/user/.fonts will not be there in the sandbox. To make per-user installed fonts work in such applications, flatpak exposes a read-only version of /home/user/.fonts as /run/host/user-fonts in the sandbox (and configures fontconfig to look there).

So, direct access to ~/.fonts will only work if the firefox app has full homedir access.
(In reply to Jan Horak from comment #6)
> The attached patch does not fix the issue, we must miss something there.
> I'll look into it further.

Huh, that's really surprising given https://bugzilla.mozilla.org/show_bug.cgi?id=1390392#c15
Sorry for the confusion, I was wrong about it. It works fine with the patch applied. Thanks.
Comment on attachment 8907535 [details]
Bug 1396733 - Add flatpak font dirs to the sandbox whitelist.

https://reviewboard.mozilla.org/r/179244/#review184662
Attachment #8907535 - Flags: review?(jld) → review+
Pushed by gpascutto@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/ec5526fce679
Add flatpak font dirs to the sandbox whitelist. r=jld
https://hg.mozilla.org/mozilla-central/rev/ec5526fce679
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla57
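
The allowlist change discussed in this bug, modelled as an added example that is not part of the bug thread or of Firefox's sandbox broker code. The names Normalize, MayRead and Policy are hypothetical, the font file paths are constructed, and matching is purely lexical (symlinks are not resolved).

```cpp
// Added illustration: simplified model of a read-only directory allowlist.
// Not Firefox's sandbox broker code; every name here is hypothetical.
#include <iostream>
#include <sstream>
#include <string>
#include <vector>

// Lexically normalise an absolute path: drop "." and empty components and
// resolve "..". Returns "" for a relative path or a ".." that leaves the root.
std::string Normalize(const std::string& path) {
  if (path.empty() || path[0] != '/') return "";
  std::vector<std::string> parts;
  std::istringstream in(path);
  std::string comp, out;
  while (std::getline(in, comp, '/')) {
    if (comp.empty() || comp == ".") continue;
    if (comp != "..") { parts.push_back(comp); continue; }
    if (parts.empty()) return "";
    parts.pop_back();
  }
  for (const auto& p : parts) out += "/" + p;
  return out.empty() ? "/" : out;
}

// True if `path` is an allowed directory or lies beneath one. Matching is on
// whole components, so "/usr/share" does not cover "/usr/sharefoo".
// A rejected path normalises to "" and therefore matches nothing.
bool MayRead(const std::vector<std::string>& dirs, const std::string& path) {
  const std::string p = Normalize(path);
  for (const auto& d : dirs) {
    const bool under = p.size() > d.size() && p.compare(0, d.size(), d) == 0 &&
                       p[d.size()] == '/';
    if (p == d || under) return true;
  }
  return false;
}

// The two locations the report lists as allowed, optionally extended with
// the Flatpak font locations named in the thread.
std::vector<std::string> Policy(bool withFlatpakDirs) {
  std::vector<std::string> dirs = {"/usr/X11R6/lib/X11/fonts", "/usr/share"};
  if (withFlatpakDirs) {
    dirs.push_back("/run/host/fonts");
    dirs.push_back("/run/host/user-fonts");
  }
  return dirs;
}

int main() {  // prints "01": denied before the change, allowed after
  const std::string font = "/run/host/fonts/truetype/Example.ttf";  // constructed
  std::cout << MayRead(Policy(false), font) << MayRead(Policy(true), font) << "\n";
}
```

Because the additions are directory prefixes matched on component boundaries, a sibling such as /run/host/fontsX or a path that climbs out with ".." stays denied.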