Bug 1409900 - Disallow quotactl in sandboxed content processes. r=gcp
authorJed Davis <jld@mozilla.com>
Wed, 25 Oct 2017 12:43:13 -0600
changeset 439932 9f9c7289c55b64d0faba947f16162e178eab1a19
parent 439931 ab03b4c381d4e1768d4a2af7cec65003d89a4b12
child 439933 862de4b756405c181a1db886a16a603ffe2f20df
push id8114
push userjlorenzo@mozilla.com
push dateThu, 02 Nov 2017 16:33:21 +0000
treeherdermozilla-beta@73e0d89a540f [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersgcp
bugs1409900
milestone58.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1409900 - Disallow quotactl in sandboxed content processes. r=gcp MozReview-Commit-ID: 3svUgLLTZKL
security/sandbox/linux/SandboxFilter.cpp
--- a/security/sandbox/linux/SandboxFilter.cpp
+++ b/security/sandbox/linux/SandboxFilter.cpp
@@ -691,17 +691,16 @@ public:
     case __NR_getppid:
       return Trap(GetPPidTrap, nullptr);
 
       // Filesystem syscalls that need more work to determine who's
       // using them, if they need to be, and what we intend to about it.
     case __NR_getcwd:
     CASES_FOR_statfs:
     CASES_FOR_fstatfs:
-    case __NR_quotactl:
     CASES_FOR_fchown:
     case __NR_fchmod:
     case __NR_flock:
       return Allow();
 
       // Bug 1354731: proprietary GL drivers try to mknod() their devices
     case __NR_mknod: {
       Arg<mode_t> mode(1);