Open Bug 1945340 Opened 10 months ago Updated 10 months ago

sandbox-unprivileged-namespaces-howtofix link is misleading

Tracking

()

Status:

NEW

Tracking Flags:

Tracking

Status

firefox-esr128

---

affected

firefox134

---

affected

firefox135

---

affected

firefox136

---

affected

People

(Reporter: glandium, Unassigned)

Details

Mike Hommey [:glandium]

Reporter

Description

•

10 months ago

When the system doesn't have unprivileged namespaces enabled, a doorhanger notification shows up that says "Some of Firefox's security features may offer less protection on your current operating system." which is fair. That's followed with "How to fix this issue" with a link to https://support.mozilla.org/en-US/kb/install-firefox-linux which reads "Install Firefox on Linux", and misleads users into thinking to fix issue requires installing Mozilla's build, which, in fact, will have the same problem.
I suppose the intent is to deep link in the page https://support.mozilla.org/en-US/kb/install-firefox-linux#w_security-features-warning , but I'd say ideally this information would have its own page.

Mike Hommey [:glandium]

Reporter

Updated

•

10 months ago

status-firefox134: --- → affected

status-firefox135: --- → affected

status-firefox136: --- → affected

status-firefox-esr128: --- → affected

Mike Hommey [:glandium]

Reporter

Comment 1

•

10 months ago

BTW, should that page talk about the kernel.unprivileged_userns_clone sysctl?

Gian-Carlo Pascutto [:gcp]

Updated

•

10 months ago

Severity: -- → S3

Priority: -- → P2

You need to log in before you can comment on or make changes to this bug.

Bugzilla

sandbox-unprivileged-namespaces-howtofix link is misleading

Categories

(Core :: Security: Process Sandboxing, defect, P2)

Tracking

()

People

(Reporter: glandium, Unassigned)

References

Details

Crash Data

Security

(public)

User Story

Description

Updated

Comment 1

Updated