[Webkit-unassigned] [Bug 143004] New: [Seccomp] Web process has too much access to /run/user
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Mar 24 07:53:38 PDT 2015
https://bugs.webkit.org/show_bug.cgi?id=143004
Bug ID: 143004
Summary: [Seccomp] Web process has too much access to /run/user
Classification: Unclassified
Product: WebKit
Version: 528+ (Nightly build)
Hardware: PC
OS: Linux
Status: NEW
Severity: Normal
Priority: P2
Component: WebKit2
Assignee: webkit-unassigned at lists.webkit.org
Reporter: mcatanzaro at igalia.com
We grant access to all of /run/user/1000/ (where 1000 is my UID), which is needed for at-spi2 since it puts folders with random-looking names. But there are sockets there for gnome-keyring, dconf, and gvfs that the web process really should not be able to touch.
Possible solutions:
* Support globs, so that we can more precisely whitelist /run/user/1000/at-spi2-* instead.
* Even then, I imagine the web process can do bad things to other apps with that permission... can it be used to inspect or control other processes? It would be nicest if at-spi2 created a more predictable directory name so that we could limit the web process.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20150324/23c0639b/attachment-0002.html>
More information about the webkit-unassigned
mailing list