[Webkit-unassigned] [Bug 142986] New: [Seccomp] Canonicalize filesystem path when whitelisting it

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Mar 23 14:59:46 PDT 2015


https://bugs.webkit.org/show_bug.cgi?id=142986

            Bug ID: 142986
           Summary: [Seccomp] Canonicalize filesystem path when
                    whitelisting it
    Classification: Unclassified
           Product: WebKit
           Version: 528+ (Nightly build)
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit2
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: mcatanzaro at igalia.com

We need to allow symlinks in our whitelist to allow whitelisting locations like /etc/localtime that could be a symlink to anywhere. Currently symlinks don't work because they're followed by the code that checks if access is permitted, so also follow them when adding the permission.

Security consequence: an attacker that has already owned your computer can give the web process additional permissions by creating a symlink from a permissible location to an impermissible location. (Not a problem.)

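The mismatch this report describes, as an added C++ example that is not part of the original report and is not WebKit's code: a whitelist entry stored as written never matches once the access check follows the symlink, while an entry canonicalized with realpath(3) does. `PathPolicy`, its methods and the temporary files standing in for /etc/localtime are assumptions made for the illustration.

```cpp
// Added example, not WebKit code; PathPolicy and its methods are hypothetical.
#include <climits>
#include <cstdlib>
#include <fstream>
#include <set>
#include <string>
#include <unistd.h>

// Resolve symlinks, "." and ".." with realpath(3); empty string on failure.
static std::string canonicalize(const std::string& path) {
    char resolved[PATH_MAX];
    return realpath(path.c_str(), resolved) ? std::string(resolved) : std::string();
}

class PathPolicy {
public:
    // Behaviour the report describes: the entry is stored as written.
    void allowRaw(const std::string& path) { m_allowed.insert(path); }
    // Requested behaviour: follow symlinks when adding, as the check does.
    bool allowCanonical(const std::string& path) {
        std::string real = canonicalize(path);
        if (real.empty()) return false; // path does not exist, nothing to add
        m_allowed.insert(real);
        return true;
    }
    // The access check resolves the requested path before the lookup.
    bool isPermitted(const std::string& requested) const {
        std::string real = canonicalize(requested);
        return !real.empty() && m_allowed.count(real) > 0;
    }
private:
    std::set<std::string> m_allowed;
};

// Constructed stand-in for /etc/localtime: <tmpdir>/localtime -> <tmpdir>/zone.
bool symlinkPermitted(bool canonicalizeOnAdd) {
    char dir[] = "/tmp/wlXXXXXX";
    if (!mkdtemp(dir)) return false;
    std::string target = std::string(dir) + "/zone", link = std::string(dir) + "/localtime";
    { std::ofstream f(target.c_str()); f << "constructed"; }
    PathPolicy policy;
    bool ok = symlink(target.c_str(), link.c_str()) == 0;
    if (canonicalizeOnAdd) ok = ok && policy.allowCanonical(link); else policy.allowRaw(link);
    ok = ok && policy.isPermitted(link);
    unlink(link.c_str()); unlink(target.c_str()); rmdir(dir);
    return ok;
}

int main() { return symlinkPermitted(true) && !symlinkPermitted(false) ? 0 : 1; }
```

Because the entry is resolved when it is added, the permission follows whatever the symlink pointed to at that moment, which is the consequence the report accepts.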