Open
Bug 1401557
Opened 7 years ago
Updated 2 years ago
Window sandboxed child process launch fails with error codes 18 and 0x00000005
Categories
(Core :: Security: Process Sandboxing, defect, P3)
Core
Security: Process Sandboxing
Tracking
()
NEW
People
(Reporter: bobowen, Unassigned)
References
(Blocks 1 open bug)
Details
(Whiteboard: sb+)
Found from SANDBOX_FAILED_LAUNCH_KEYED telemetry. Chromium sandbox error code is 18 SBOX_ERROR_CREATE_PROCESS, which can only come from [1]. Windows error is 0x00000005 ERROR_ACCESS_DENIED. I can reproduce this artificially by removing the "Users" group permission from the executable and triggering an attempted child process launch. It seems unlikely that someone would be doing this deliberately, but I guess it could be a knock on from changes to inherited permissions. I also don't know if this could happen during update. Another possibility is someone using other sandboxing techniques/products to sandbox Firefox, which means the main process is running with reduced permissions after start-up. [1] http://searchfox.org/mozilla-central/source/security/sandbox/chromium/sandbox/win/src/target_process.cc#134
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•