Open Bug 1510861 Opened 6 years ago Updated 2 years ago

Restrict madvise in Linux content processes

Tracking

()

Status:

NEW

People

(Reporter: jld, Unassigned)

Details

Jed Davis [:jld] ⟨⏰|UTC-7⟩ ⟦he/him⟧

Reporter

Description

•

6 years ago

Currently we allow madvise with all types of advice in content processes, but we could probably restrict it to reduce possible attack surface, like we do for media plugins (which will be moving into the common policy as part of bug 1500297 / bug 1506291).

Jim Mathies [:jimm]

Updated

•

6 years ago

Priority: -- → P3

BMO Automation

Updated

•

2 years ago

Severity: normal → S3

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Restrict madvise in Linux content processes

Categories

(Core :: Security: Process Sandboxing, enhancement, P3)

Tracking

()

People

(Reporter: jld, Unassigned)

References

Details

Crash Data

Security

(public)

User Story

Description

Updated

Updated