[Webkit-unassigned] [Bug 221990] New: [GTK] Bubblewrap sandbox should not break X11 forwarding

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Feb 16 13:12:43 PST 2021 

https://bugs.webkit.org/show_bug.cgi?id=221990

            Bug ID: 221990
           Summary: [GTK] Bubblewrap sandbox should not break X11
                    forwarding
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKitGTK
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: mcatanzaro at gnome.org
                CC: bugs-noreply at webkitgtk.org
            Blocks: 206533

Currently the bubblewrap sandbox breaks X11 forwarding via SSH, I suspect because the web process is unable to connect to the X server via TCP due to being isolated in a network namespace. We should just disable the network namespace in this case and accept that such configurations are less secure. Untested patch incoming. I will ask a couple users who use X11 forwarding to test the patch and will request review once somebody confirms whether it actually works.


Referenced Bugs:

https://bugs.webkit.org/show_bug.cgi?id=206533
[Bug 206533] [WPE][GTK] Tracker for bubblewrap sandbox issues
-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20210216/38a2eef5/attachment.htm>

More information about the webkit-unassigned mailing list