Open Bug 1408438 Opened 2 years ago Updated 2 years ago
_ASYNC from Linux sandbox file broker allowed flags
We intend for the sandbox to prevent the use of the file flag O_ASYNC, which sends signals when I/O is possible, but it's an allowed flag for opening files via the broker. This oversight should be corrected; we've already blocked FIOASYNC in bug 1405891 and plan to block O_ASYNC in bug 1328896. The open(2) man page's BUGS section notes that O_ASYNC doesn't work unless it's set via fcntl(2), and a look at the kernel source seems to confirm this, but it's considered a bug and therefore may eventually be fixed. Also, this probably isn't weaponizable once bug 1328896 blocks F_SETOWN — the documentation isn't optimally clear, but the default is no owner and setting O_ASYNC doesn't appear to change that. So this is a minor issue, but it's also a one-line fix.
You need to log in before you can comment on or make changes to this bug.