[Webkit-unassigned] [Bug 211131] [WPE][GTK] Paths should be canonicalized before calling bwrap
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Feb 23 08:58:43 PST 2022
https://bugs.webkit.org/show_bug.cgi?id=211131
--- Comment #3 from Michael Catanzaro <mcatanzaro at gnome.org> ---
Comment on attachment 452983
--> https://bugs.webkit.org/attachment.cgi?id=452983
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=452983&action=review
> Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp:334
> +static void bindSymlinksRealPath(Vector<CString>& args, const char* path, const char* bindOption = "--ro-bind")
> +{
> + WTF::String realPath = FileSystem::realPath(path);
> + if (path == realPath) {
> + const char* rpath = realPath.utf8().data();
> + args.appendVector(Vector<CString>({ bindOption, rpath, rpath }));
> + }
> +}
I'm a little confused here.
What I expected: if the path is a symlink, bind its target instead so the operation doesn't fail.
What you have here: if the path is a symlink (path != realPath), ignore it. Sure, the operation will not fail if you skip it, but won't you still wind up with a broken sandbox?
> Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp:352
> + bindSymlinksRealPath(args, path, bindType);
> + // As /etc is exposed wholesale, do not layer extraneous bind
Style nit: leave a blank line here.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20220223/74090069/attachment.htm>
More information about the webkit-unassigned
mailing list