[Webkit-unassigned] [Bug 191360] [GTK][WPE] Bubblewrap launcher should not depend on memfd

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Nov 9 07:02:06 PST 2018


https://bugs.webkit.org/show_bug.cgi?id=191360

--- Comment #11 from Michael Catanzaro <mcatanzaro at igalia.com> ---
(In reply to Patrick Griffis from comment #10)
> Well the resulting fd *must* be read-only otherwise it's a sandbox escape.

So then the sealing is important!

But I don't understand. How can you escape the sandbox? The trusted UI process creates the fd, stuffs arguments into it, launches the bwrap process, and then bwrap reads them from the fd before launching the untrusted process. Right? I don't see why it has to be read-only.
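
What sealing does to an argument fd of the kind discussed in this comment, as an added example that is not part of the thread and not WebKit's launcher code. The function names and the sample arguments are hypothetical, and the NUL-separated layout assumes the arguments are consumed the way bwrap's `--args FD` option reads them.

```c
/* Added example: seal a memfd that carries sandbox-launcher arguments. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>
#include <linux/memfd.h>          /* MFD_ALLOW_SEALING */

#ifndef F_ADD_SEALS               /* glibc hides these without _GNU_SOURCE */
#define F_ADD_SEALS   1033
#define F_SEAL_SEAL   0x0001
#define F_SEAL_SHRINK 0x0002
#define F_SEAL_GROW   0x0004
#define F_SEAL_WRITE  0x0008
#endif

/* Trusted side: put the argument bytes in a memfd, then freeze it.
 * Returns a readable fd positioned at offset 0, or -1 on error. */
int make_sealed_args_fd(const char *args, size_t len)
{
    int fd = (int)syscall(SYS_memfd_create, "launcher-args", MFD_ALLOW_SEALING);
    if (fd < 0)
        return -1;
    int seals = F_SEAL_WRITE | F_SEAL_SHRINK | F_SEAL_GROW | F_SEAL_SEAL;
    if (write(fd, args, len) != (ssize_t)len ||
        fcntl(fd, F_ADD_SEALS, seals) < 0 ||
        lseek(fd, 0, SEEK_SET) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* What any later holder of the fd gets when it tries to modify the
 * contents: returns 0 if the write went through, otherwise errno. */
int try_overwrite(int fd)
{
    return pwrite(fd, "X", 1, 0) == 1 ? 0 : errno;
}

int main(void)
{
    /* Constructed sample: NUL-separated arguments (hypothetical values). */
    static const char args[] = "--unshare-pid\0--ro-bind\0/usr\0/usr";
    int fd = make_sealed_args_fd(args, sizeof args - 1);
    if (fd < 0) { perror("memfd"); return 1; }
    printf("overwrite after sealing: errno=%d (EPERM=%d)\n", try_overwrite(fd), EPERM);
    return 0;
}
```

Once `F_SEAL_SEAL` is set the seal set itself can no longer be changed, so the contents stay fixed for every process that inherits the fd.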
