Closed
Bug 1664922
Opened 5 years ago
Closed 5 years ago
Allow CPU information for nsSystemInfo in the RDD sandbox
Categories
(Core :: Security: Process Sandboxing, defect, P1)
Tracking
()
RESOLVED
FIXED
83 Branch
| Tracking | Status | |
|---|---|---|
| firefox83 | --- | fixed |
People
(Reporter: jld, Assigned: jld)
References
(Blocks 1 open bug)
Details
Attachments
(1 file)
The RDD process initializes nsSystemInfo, which on Linux reads files in /proc and /sys that the sandbox policy doesn't allow; sometimes (nsSystemInfo initialization is async as of bug 1553546) this happens after sandbox startup. Currently the failures are silently ignored, but see bug 1662321 comment #0 for more details and why this is a problem for memfd support.
I have a patch to allow the paths in question in the sandbox policy, as a workaround.
|
||
Updated•5 years ago
|
Severity: -- → S4
Priority: -- → P1
|
Assignee | |
Comment 1•5 years ago
|
||
Pushed by jedavis@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/be90d6aec690
Allow CPU information in the "utility" sandbox policy, for nsSystemInfo. r=gcp
|
||
Comment 3•5 years ago
|
||
Backed out for Valgrind bustages.
Pushed by jedavis@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/9e2328aa32aa
Allow CPU information in the "utility" sandbox policy, for nsSystemInfo. r=gcp
|
||
Comment 5•5 years ago
|
||
| bugherder | ||
Status: NEW → RESOLVED
Closed: 5 years ago
status-firefox83:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 83 Branch
You need to log in
before you can comment on or make changes to this bug.
Description
•