Bug 1396542 - Let sandboxed content processes read /var/lib/dbus/machine-id. r=gcp, a=sledru
authorJed Davis <jld@mozilla.com>
Tue, 19 Sep 2017 19:54:41 -0600
changeset 669797 0d4f0c6d3fd205d5da5d1d53079ea5cdd638d521
parent 669796 e4c1277e5d2cb18fd16ba6b0d22d3a652bf030f6
child 669798 a5cb7f20d1e360670e305faa5b10cea541cb8949
push id81427
push userluca.greco@alcacoop.it
push dateMon, 25 Sep 2017 11:52:41 +0000
reviewersgcp, sledru
bugs1396542
milestone57.0
Bug 1396542 - Let sandboxed content processes read /var/lib/dbus/machine-id. r=gcp, a=sledru PulseAudio is the only thing that's known to need this. Note that the same file often exists as /etc/machine-id, and we currently allow reading all of /etc (which includes other fingerprinting hazards as well). MozReview-Commit-ID: FoyKQzhAV6M
security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
--- a/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
+++ b/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
@@ -102,16 +102,19 @@ SandboxBrokerPolicyFactory::SandboxBroke
   policy->AddDir(rdonly, "/sys/devices/cpu");
   policy->AddDir(rdonly, "/sys/devices/system/cpu");
   policy->AddDir(rdonly, "/lib");
   policy->AddDir(rdonly, "/lib64");
   policy->AddDir(rdonly, "/usr/lib");
   policy->AddDir(rdonly, "/usr/lib32");
   policy->AddDir(rdonly, "/usr/lib64");
   policy->AddDir(rdonly, "/etc");
+#ifdef MOZ_PULSEAUDIO
+  policy->AddPath(rdonly, "/var/lib/dbus/machine-id");
+#endif
   policy->AddDir(rdonly, "/usr/share");
   policy->AddDir(rdonly, "/usr/local/share");
   policy->AddDir(rdonly, "/usr/tmp");
   policy->AddDir(rdonly, "/var/tmp");
   // Various places where fonts reside
   policy->AddDir(rdonly, "/usr/X11R6/lib/X11/fonts");
   policy->AddDir(rdonly, "/nix/store");
   policy->AddDir(rdonly, "/run/host/fonts");
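Review bot: The new `AddPath` rule inside `#ifdef MOZ_PULSEAUDIO` carries no comment, so the reason content processes may read a stable per-host identifier is recorded only in the commit message. I would add above the `#ifdef`: `// PulseAudio needs the D-Bus machine-id (bug 1396542); it is a stable per-host identifier, so allow only this one file.` followed by `// Also reachable as /etc/machine-id while all of /etc is readable; revisit both together if /etc is narrowed.` The guard is compile-time only, so a build with PulseAudio support presumably exposes the file even when a different audio backend is used at runtime, which the comment could also state. The enclosing policy constructor starts and ends outside the hunk.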