[Webkit-unassigned] [Bug 140064] New: [Linux] SeccompFilters: improve the port-agnostic whitelist
bugzilla-daemon at webkit.org
Sun Jan 4 18:50:04 PST 2015
https://bugs.webkit.org/show_bug.cgi?id=140064
Bug ID: 140064
Summary: [Linux] SeccompFilters: improve the port-agnostic whitelist
Classification: Unclassified
Product: WebKit
Version: 528+ (Nightly build)
Hardware: PC
OS: Linux
Status: NEW
Severity: Enhancement
Priority: P2
Component: WebKit2
Assignee: webkit-unassigned at lists.webkit.org
Reporter: mcatanzaro at igalia.com
I think pretty much all the files and directories that the GTK+ port web process needs to access are generic enough that they should most likely be whitelisted for EFL as well. I'd like to add several locations to the web process whitelist:
* /lib64 and /usr/lib64: nothing has any chance of working on x86_64 Linux otherwise, except on Debian which doesn't have these directories.
* /run/user/UID where UID is the result of getuid(), since at-spi2 creates lots of random directories here. (I'd rather this be more restrictive.) I think at-spi2 is not specific to GTK+.
* Specific files in /sys/fs/cgroup, for the memory pressure handler that landed last month. (These accesses will fail regardless because those files are owned by root. Not sure how the memory pressure handler is supposed to work.)
* Check $XDG_DATA_HOME before assuming that mime types are in ~/.local/share/mime
* /var/tmp -- this is unfortunate, but with recent enough mesa (for DRI3) and barring a configure-time override (which Debian wisely does), shared memory winds up here: https://bugzilla.redhat.com/show_bug.cgi?id=1172869
* mesa configuration files
* Various directories needed by udev
* ~/nv for the NVIDIA proprietary driver, suggested by Zan.
* Tempted to also put gstreamer stuff here....
We can talk about whether any of these locations should be moved to the GTK+ and/or EFL whitelists instead.
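An added example, not part of the original report and not WebKit code: a sketch of how the environment-dependent entries above (/run/user/UID from getuid(), and $XDG_DATA_HOME checked before ~/.local/share/mime) could be computed and matched on path-component boundaries. All function names are hypothetical, and the lexical normalisation assumes symlinks are handled elsewhere.

```cpp
#include <algorithm>
#include <cstdio>
#include <cstdlib>
#include <string>
#include <vector>
#include <unistd.h>

// All names below are hypothetical, for illustration; none are WebKit API.
// Lexically collapses "//", "." and ".." in an absolute path (symlinks are not resolved).
std::string normalize(const std::string& path) {
    std::string out;
    for (size_t i = 0, j; i < path.size(); i = j + 1) {
        j = std::min(path.find('/', i), path.size());
        const std::string part = path.substr(i, j - i);
        if (part == "..")
            out.erase(out.empty() ? 0 : out.rfind('/'));
        else if (!part.empty() && part != ".")
            out += "/" + part;
    }
    return out.empty() ? "/" : out;
}

// Builds the directory entries from the report that depend on the user and environment.
std::vector<std::string> buildWhitelist(uid_t uid, const char* home, const char* xdgDataHome) {
    std::vector<std::string> dirs = { "/lib64", "/usr/lib64", "/var/tmp" };
    dirs.push_back("/run/user/" + std::to_string(uid));
    // $XDG_DATA_HOME wins; unset, empty or relative values fall back to ~/.local/share.
    std::string dataHome = (home && home[0] == '/') ? std::string(home) + "/.local/share" : "";
    if (xdgDataHome && xdgDataHome[0] == '/')
        dataHome = xdgDataHome;
    if (!dataHome.empty())
        dirs.push_back(normalize(dataHome + "/mime"));
    return dirs;
}

// True when path equals a listed directory or lies beneath it on a component boundary.
bool isWhitelisted(const std::vector<std::string>& dirs, const std::string& path) {
    if (path.empty() || path[0] != '/')
        return false;
    const std::string p = normalize(path);
    for (const auto& d : dirs)
        if (p == d || (p.size() > d.size() && !p.compare(0, d.size(), d) && p[d.size()] == '/'))
            return true;
    return false;
}

int main() {
    for (const auto& d : buildWhitelist(getuid(), getenv("HOME"), getenv("XDG_DATA_HOME")))
        std::puts(d.c_str());
}
```

Matching on component boundaries keeps `/lib64` from also admitting a sibling such as `/lib64x`, and normalising first keeps a `..` segment from stepping out of `/run/user/UID` into another user's runtime directory.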