Closed
Bug 964500
Opened 11 years ago
Closed 7 years ago
Provide a way to initialize the NSS PRNG in sandboxed child processes
Categories
(Core :: Security: PSM, defect)
RESOLVED
INVALID
People
(Reporter: briansmith, Unassigned)
Details
(Whiteboard: [sandbox][psm-backlog])
+++ This bug was initially created as a clone of Bug #930258 +++
NSS's PRNG normally initializes itself by reading /dev/urandom. But bug 930258 wants to remove open() from the sandbox whitelist. In order to do that, while having a properly-initialized PRNG, we need to find a new way to seed the NSS PRNG in the content process.
Chromium has had a similar issue and we should ask them how they dealt with it.
Comment 1•10 years ago
Sorry for the bugspam; filter on 086f2ac3-ac15-4299-889b-009181af5029.
Blocks: 1121295
Comment 2•10 years ago
Sorry for the bugspam; filter on 086f2ac3-ac15-4299-889b-009181af5029.
No longer blocks: 930258
Comment 3•8 years ago
I imagine we would need some cooperation from NSS to be able to do this (e.g. a callback we can register where instead of opening /dev/urandom (or /etc/passwd: https://dxr.mozilla.org/mozilla-central/rev/4d63dde701b47b8661ab7990f197b6b60e543839/security/nss/lib/freebl/unix_rand.c#849 ), NSS would call the callback).
Whiteboard: [sandbox] → [sandbox][psm-backlog]
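The callback idea from comment 3, sketched as an added example (not code from this bug or from NSS). The names `prng_set_seed_callback`, `prng_get_seed` and `seed_from_fd` are hypothetical, and the sketch assumes the process opens its descriptor while open() is still permitted, before the sandbox is entered.

```c
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <stdio.h>
#include <unistd.h>

/* Hypothetical hook type: fill buf with len seed bytes, return 0 or -1. */
typedef int (*seed_cb)(void *ctx, unsigned char *buf, size_t len);
static seed_cb g_seed_cb;            /* NULL means "use the default path" */
static void *g_seed_ctx;

/* Hypothetical registration call, made before the sandbox is entered. */
void prng_set_seed_callback(seed_cb cb, void *ctx) { g_seed_cb = cb; g_seed_ctx = ctx; }

/* Read exactly len bytes from fd, retrying on EINTR and short reads. */
static int read_full(int fd, unsigned char *buf, size_t len) {
    size_t got = 0;
    while (got < len) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n < 0 && errno == EINTR) continue;
        if (n <= 0) return -1;       /* error or EOF: never seed with partial data */
        got += (size_t)n;
    }
    return 0;
}

/* Callback for sandboxed children: ctx points at an fd opened before lockdown. */
int seed_from_fd(void *ctx, unsigned char *buf, size_t len) {
    return read_full(*(int *)ctx, buf, len);
}

/* Seeding entry point: use the callback if set, else open() /dev/urandom. */
int prng_get_seed(unsigned char *buf, size_t len) {
    if (g_seed_cb) return g_seed_cb(g_seed_ctx, buf, len);
    int fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0) return -1;           /* the failure a sandbox without open() causes */
    int rc = read_full(fd, buf, len);
    close(fd);
    return rc;
}

int main(void) {
    static int fd;                   /* opened while open() is still permitted */
    unsigned char seed[32];
    fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0) return 1;
    prng_set_seed_callback(seed_from_fd, &fd);
    /* ... the sandbox would be entered here; no open() happens after this ... */
    if (prng_get_seed(seed, sizeof seed) != 0) return 1;
    puts("seeded 32 bytes without calling open()");
    return 0;
}
```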
Comment 4•7 years ago
We whitelisted /dev/urandom, so we don't need to do this.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → INVALID