Closed Bug 1635572 Opened 5 months ago Closed 2 months ago

Remove FakeShmOpen when minimum MacOS version is 10.12

Categories

(Core :: IPC, task, P3)

All
macOS
task

Tracking

()

RESOLVED FIXED
mozilla80
Tracking Status
firefox80 --- fixed

People

(Reporter: jld, Assigned: jld)

References

Details

Attachments

(1 file)

This code was added to work around a security bug in MacOS, fixed in version 10.12 and newer. When our minimum version is 10.12, we could remove it.

CVE-2018-4435 (https://crbug.com/project-zero/1671) was fixed in macOS
10.12 and up, but when we added uses of shm_open that would be affected
by it we still supported 10.9, so we added a workaround that tests for
the bug (by trying to exploit it) and falls back to the slower
alternative of temporary files if necessary.

The minimum supported version is now 10.12, and we've already
committed changes (e.g., to sandboxing) that would break the browser
on older versions, so we can remove this code. Note that we also have
cross-platform gtests that check for this type of bug, so we'll have some
warning if it's ever reintroduced.

Assignee: nobody → jld
Status: NEW → ASSIGNED
Pushed by jedavis@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/918de9580b2a
Remove workaround for shared memory security bug in old macOS versions. r=spohl
Status: ASSIGNED → RESOLVED
Closed: 2 months ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla80
You need to log in before you can comment on or make changes to this bug.