Open Bug 1761134 Opened 4 years ago Updated 4 years ago

Consider filtering getsockopt/setsockopt in content process sandbox

Tracking

()

Status:

NEW

People

(Reporter: jld, Unassigned)

Details

Jed Davis [:jld] ⟨⏰|UTC-7⟩ ⟦he/him⟧

Reporter

Description

•

4 years ago

Currently we allow getsockopt and setsockopt with any arguments in sandboxed content processes on Linux, but (similarly to ioctl or prctl) there may be value in restricting the options that can be accessed.

Gian-Carlo Pascutto [:gcp]

Updated

•

4 years ago

Severity: -- → S4

Priority: -- → P3

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Consider filtering getsockopt/setsockopt in content process sandbox

Categories

(Core :: Security: Process Sandboxing, enhancement, P3)

Tracking

()

People

(Reporter: jld, Unassigned)

References

Details

Crash Data

Security

(public)

User Story

Description

Updated