Closed Bug 1714919 Opened 4 years ago Closed 2 years ago

fix mime handler spawning with glib >= 2.64 badly interacting with OpenBSD sandboxing

Categories

(Core :: Security: Process Sandboxing, defect, P5)

Product:
Core
Component:
Security: Process Sandboxing
Platform:
All
OpenBSD
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
106 Branch
Tracking Flags:
Tracking Status
firefox106 --- fixed

People

(Reporter: gaston, Assigned: gaston)

References

Details

Attachments

(2 files)

patch-toolkit_system_gnome_nsGIOService_cpp
5.55 KB, patch
Details | Diff | Splinter Review
Bug 1714919 - fix mime handler spawning with glib >= 2.64 badly interacting with OpenBSD sandboxing r?gcp,stransky
48 bytes, text/x-phabricator-request
Details | Review

Since firefox 79, we've been shipping a jumbo patch to toolkit/system/gnome/nsGIOService.cpp that tries to replace all g_app_info_launch_uris() & g_app_info_launch_default_for_uri() calls by handrolled lookup for a handler.

Problem is, since glib 2.64, gio-launch-desktop has been removed in favor of a /bin/sh call, but the latter isnt available for security/sandboxing reasons on OpenBSD - thus breaking all file openings with external handlers ('open with' dialog). On OpenBSD, the user needs to explicitely unveil the handler binaries he plans to use, so the patch adds code to lookup the binary based on the given uri file type, looking for the corresponding desktop file name and finding the handler.

The patch is a bit large, as such not applyable as is upstream, but seemed to work when i hacked on it last year. I'm open to suggestions on how to better handle this, or if i try to submit the patch within #ifdef __OpenBSD__, as the same problem might not happen on tier1 platforms due to sandboxing differences..

https://gitlab.gnome.org/GNOME/glib/-/issues/2123 has some discussion with glib devs.

Flags: needinfo?(stransky)

Please submit the patch via Phabricator, I can't review/land it from Bugzilla.
Thanks.

Flags: needinfo?(stransky) → needinfo?(landry)

as i said in my initial comment, i dont think there's a point pushing this to phabricator as it's far from being in a reviewable state... hence attaching it simply to bugzilla, just to get initial feedback before polishing it..

Flags: needinfo?(landry)
Assignee: nobody → landry
Status: NEW → ASSIGNED
Severity: -- → S4
Priority: -- → P5

Fwiw, i can of course wrap all my changes within #ifdef OpenBSD since i have no idea how linux sandboxing interacts with the way mime handlers are found/whitelisted/allowed there ...

i've rebased/updated the diff on phabricator, if it looks better now i'd like to properly upstream it. Been a while....

Flags: needinfo?(stransky)
Flags: needinfo?(gpascutto)

Thanks, feel free to ask for check-in.

Flags: needinfo?(stransky)
Pushed by alissy@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/99f5d7b269be fix mime handler spawning with glib >= 2.64 badly interacting with OpenBSD sandboxing r=stransky

https://hg.mozilla.org/mozilla-central/rev/99f5d7b269be

Status: ASSIGNED → RESOLVED
Closed: 2 years ago
status-firefox106: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 106 Branch
Flags: needinfo?(gpascutto)
Regressions: 1817588
Regressions: 1817945
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: