Closed
Bug 1581239
Opened 5 years ago
Closed 5 years ago
Regression tests to verify that sandboxed processes' access to /proc/self/fd is blocked
Categories
(Core :: Security: Process Sandboxing, enhancement, P2)
Tracking
()
RESOLVED
FIXED
mozilla72
Tracking | Status | |
---|---|---|
firefox72 | --- | fixed |
People
(Reporter: jld, Assigned: gcp)
References
Details
Attachments
(1 file)
We have some tests that use js-ctypes in a content process to check that sandboxing denies (or allows) certain things, to prevent accidental regressions. We should include /proc/self/fd
, because that can be used to unfreeze the frozen shared memory of bug 1479960 (and its predecessor in MemMapSnapshot
).
Assignee | ||
Updated•5 years ago
|
Priority: -- → P2
Assignee | ||
Updated•5 years ago
|
Assignee: nobody → gpascutto
Assignee | ||
Comment 1•5 years ago
|
||
Pushed by gpascutto@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/9ee340bc2db1 Verify that sandboxed processes' access to /proc/self/fd is blocked. r=jld
Comment 3•5 years ago
|
||
bugherder |
Status: NEW → RESOLVED
Closed: 5 years ago
status-firefox72:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla72
You need to log in
before you can comment on or make changes to this bug.
Description
•