[Webkit-unassigned] [Bug 188568] [GTK][WPE] Implement subprocess sandboxing

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Sep 18 08:03:31 PDT 2018


https://bugs.webkit.org/show_bug.cgi?id=188568

--- Comment #56 from Carlos Garcia Campos <cgarcia at igalia.com> ---
(In reply to Michael Catanzaro from comment #55)
> (In reply to Carlos Garcia Campos from comment #53)
> > > It's added in glibc 2.27, which is too recent. That's why it's better to call
> > > syscall() than to use it via glibc.
> > 
> > But I guess __NR_memfd_create needs to be defined somewhere?
> 
> Good point. That's probably a good thing since it will lead to a build
> failure, rather than a runtime failure. We're surely not interested in
> supporting the sandbox in systems that lack __NR_memfd_create.

Why can't we simply use SharedMemory? I think we could even have a SharedMemory impl based on memfd when available and falling back to shm_open otherwise.

> (In reply to Carlos Garcia Campos from comment #53)
> > Ok, got it. Should we use NeverDestroyed then?
> 
> No, because then the proxy subprocess will never be killed when the UI
> process quits.
> 
> That said, good catch, we have exit-time destructors here still. It will
> need to be refactored to avoid that... somehow.

Shouldn't they be per web process pool instead of static to the UI process?
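
The memfd-with-shm_open-fallback idea discussed above, as an added example in C that is not WebKit's code: it calls memfd_create through syscall() so a missing __NR_memfd_create fails at build time rather than at runtime, falls back to a shm_open-style unlinked object under /dev/shm on kernels that return ENOSYS, and goes one step beyond the thread by sealing the memfd so the sandboxed receiver cannot resize or alter the region. The function names, the /dev/shm name prefix and the use of open() in place of shm_open() are this example's own assumptions.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/syscall.h>
#include <unistd.h>
/* A missing syscall number is a build failure, not a runtime one; the constants
 * below mirror <linux/memfd.h> and <linux/fcntl.h> for libc headers older than glibc 2.27. */
#ifndef __NR_memfd_create
#error "__NR_memfd_create is not defined: memfd-based sandbox shared memory is unsupported"
#endif
#ifndef MFD_CLOEXEC
#define MFD_CLOEXEC 0x0001U
#define MFD_ALLOW_SEALING 0x0002U
#endif
#ifndef F_ADD_SEALS
#define F_ADD_SEALS 1033
#define F_SEAL_SHRINK 0x0002
#define F_SEAL_GROW 0x0004
#define F_SEAL_WRITE 0x0008
#endif
/* Returns an fd backing `size` bytes, or -1 with errno set; *usedMemfd reports which path ran.
 * Names are assumptions of this example, not WebKit's SharedMemory API. */
int sandboxShmCreate(const char* name, size_t size, int* usedMemfd)
{
    int fd = (int)syscall(__NR_memfd_create, name, MFD_CLOEXEC | MFD_ALLOW_SEALING);
    *usedMemfd = fd >= 0;
    if (fd < 0) {
        if (errno != ENOSYS) return -1;
        /* Kernel predates memfd (< 3.17): shm_open()-style object in /dev/shm, unlinked at once
         * so only fd holders can reach it; open() is used directly so this links without -lrt. */
        char path[64];
        snprintf(path, sizeof path, "/dev/shm/wk-sandbox-%ld-%s", (long)getpid(), name);
        fd = open(path, O_RDWR | O_CREAT | O_EXCL | O_CLOEXEC | O_NOFOLLOW, 0600);
        if (fd < 0) return -1;
        unlink(path);
    }
    if (ftruncate(fd, (off_t)size) < 0) { close(fd); return -1; }
    return fd;
}
/* Seal the memfd so the sandboxed receiver cannot resize it, nor modify it when readOnly is set.
 * Returns the seals applied, or -1 (EINVAL on the /dev/shm fallback, which cannot be sealed). */
int sandboxShmSeal(int fd, int readOnly)
{
    int seals = F_SEAL_SHRINK | F_SEAL_GROW | (readOnly ? F_SEAL_WRITE : 0);
    return fcntl(fd, F_ADD_SEALS, seals) < 0 ? -1 : seals;
}
```

Sealing is what makes the memfd path preferable for sandbox IPC: the receiving process can trust that a sealed region will not shrink or change underneath it, which a plain shm_open object cannot guarantee.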
