Mercurial > mozilla-central / changeset / c006ddf45ea82e700275ebdd848eae34d3f67d85
summary | shortlog | changelog | pushlog | graph | tags | bookmarks | branches | files | changeset | raw | zip | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bug 1320834 - Reduce prctl policy for desktop content processes. r=gcp
authorJed Davis <jld@mozilla.com>
Wed, 12 Apr 2017 18:41:20 -0600
changeset 386472 c006ddf45ea82e700275ebdd848eae34d3f67d85
parent 386471 a55ef97febd996e5c602b0c7b89e17d8fefee056
child 386473 fab13cda2355312461539ff089bedc32fb2cbdaf
push id32694
push userarchaeopteryx@coole-files.de
push dateTue, 17 Oct 2017 09:43:13 +0000
treeherdermozilla-central@3bd3448d9684 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersgcp
bugs1320834
milestone58.0a1
first release with
nightly linux32
0d9c6250f99d / 58.0a1 / 20171017100127 / files
nightly linux64
0d9c6250f99d / 58.0a1 / 20171017100127 / files
nightly mac
0d9c6250f99d / 58.0a1 / 20171017100127 / files
nightly win32
0d9c6250f99d / 58.0a1 / 20171017100127 / files
nightly win64
0d9c6250f99d / 58.0a1 / 20171017100127 / files
last release without
nightly linux32
c6a2643362a6 / 58.0a1 / 20171016220427 / files
nightly linux64
c6a2643362a6 / 58.0a1 / 20171016220427 / files
nightly mac
c6a2643362a6 / 58.0a1 / 20171016220427 / files
nightly win32
c6a2643362a6 / 58.0a1 / 20171016220427 / files
nightly win64
c6a2643362a6 / 58.0a1 / 20171016220427 / files
Bug 1320834 - Reduce prctl policy for desktop content processes. r=gcp This removes the allow-all override in the content policy, which means it will fall back to the more restrictive prctl policy in SandboxPolicyCommon. MozReview-Commit-ID: CncoGi0HLxR
security/sandbox/linux/SandboxFilter.cpp file | annotate | diff | comparison | revisions 
--- a/security/sandbox/linux/SandboxFilter.cpp
+++ b/security/sandbox/linux/SandboxFilter.cpp
@@ -528,21 +528,16 @@ private:
   }
 
 public:
   explicit ContentSandboxPolicy(SandboxBrokerClient* aBroker,
                                 const std::vector<int>& aSyscallWhitelist)
     : mBroker(aBroker),
       mSyscallWhitelist(aSyscallWhitelist) {}
   ~ContentSandboxPolicy() override = default;
-  ResultExpr PrctlPolicy() const override {
-    // Ideally this should be restricted to a whitelist, but content
-    // uses enough things that it's not trivial to determine it.
-    return Allow();
-  }
   Maybe<ResultExpr> EvaluateSocketCall(int aCall) const override {
     switch(aCall) {
     case SYS_RECVFROM:
     case SYS_SENDTO:
     case SYS_SENDMMSG: // libresolv via libasyncns; see bug 1355274
       return Some(Allow());
 
     case SYS_SOCKETPAIR: {
@@ -840,21 +835,16 @@ public:
     case __NR_wait4:
 #ifdef __NR_waitpid
     case __NR_waitpid:
 #endif
       // NSPR will start a thread to wait for child processes even if
       // fork() fails; see bug 227246 and bug 1299581.
       return Error(ECHILD);
 
-#ifdef __NR_arch_prctl
-    case __NR_arch_prctl:
-#endif
-      return Allow();
-
     case __NR_eventfd2:
     case __NR_inotify_init:
     case __NR_inotify_init1:
     case __NR_inotify_add_watch:
     case __NR_inotify_rm_watch:
       return Allow();
 
 #ifdef __NR_memfd_create
mozilla-central
Deployed from 2e3b1288bbd5 at 2021-12-01T16:16:38Z.