Bug 921817 - Enable sandbox in non-preallocated child processes. r=kang, r=bent, a=lsblakk
authorJed Davis <jld@mozilla.com>
Tue, 15 Oct 2013 10:02:26 -0400
changeset 160770 ae0bba31d96770bc8b15d3f901ede60fd53a7906
parent 160769 eb6bfb3ab0d3bdcfff1c32c8bf5c0733238cf627
child 160771 28acf9adf06941579f1939c8b26ee8451fbc543d
push id2961
push userlsblakk@mozilla.com
push dateMon, 28 Oct 2013 21:59:28 +0000
reviewerskang, bent, lsblakk
bugs921817
milestone26.0a2
Bug 921817 - Enable sandbox in non-preallocated child processes. r=kang, r=bent, a=lsblakk
dom/ipc/ContentParent.cpp
--- a/dom/ipc/ContentParent.cpp
+++ b/dom/ipc/ContentParent.cpp
@@ -1318,16 +1318,27 @@ ContentParent::ContentParent(mozIApplica
         nsCOMArray<nsIStyleSheet>& authorSheets = *sheetService->AuthorStyleSheets();
         for (uint32_t i = 0; i < authorSheets.Length(); i++) {
             URIParams uri;
             SerializeURI(authorSheets[i]->GetSheetURI(), uri);
             unused << SendLoadAndRegisterSheet(uri, nsIStyleSheetService::AUTHOR_SHEET);
         }
     }
 
+#ifdef MOZ_CONTENT_SANDBOX
+    // Bug 921817.  We enable the sandbox in RecvSetProcessPrivileges,
+    // which is where a preallocated process drops unnecessary privileges,
+    // but a non-preallocated process will already have changed its
+    // uid/gid/etc immediately after forking.  Thus, we send this message,
+    // which is otherwise a no-op, to sandbox it at an appropriate point
+    // during startup.
+    if (aOSPrivileges != base::PRIVILEGES_INHERIT) {
+        SendSetProcessPrivileges(base::PRIVILEGES_INHERIT);
+    }
+#endif
 }
 
 ContentParent::~ContentParent()
 {
     if (mForceKillTask) {
         mForceKillTask->Cancel();
     }