Closed Bug 1581239 Opened 5 years ago Closed 5 years ago

Regression tests to verify that sandboxed processes' access to /proc/self/fd is blocked

Categories

(Core :: Security: Process Sandboxing, enhancement, P2)

Product:
Core
Component:
Security: Process Sandboxing
Platform:
Unspecified
Linux
Type:
enhancement

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla72
Tracking Flags:
Tracking Status
firefox72 --- fixed

People

(Reporter: jld, Assigned: gcp)

References

Details

Attachments

(1 file)

Bug 1581239 - Verify that sandboxed processes' access to /proc/self/fd is blocked. r?jld
47 bytes, text/x-phabricator-request
Details | Review

We have some tests that use js-ctypes in a content process to check that sandboxing denies (or allows) certain things, to prevent accidental regressions. We should include /proc/self/fd, because that can be used to unfreeze the frozen shared memory of bug 1479960 (and its predecessor in MemMapSnapshot).

Priority: -- → P2
Assignee: nobody → gpascutto
Pushed by gpascutto@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/9ee340bc2db1
Verify that sandboxed processes' access to /proc/self/fd is blocked. r=jld

https://hg.mozilla.org/mozilla-central/rev/9ee340bc2db1

Status: NEW → RESOLVED
Closed: 5 years ago
status-firefox72: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla72
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: