[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor-browser/tor-browser-52.4.0esr-7.0-1] Bug 1320085 - Allow the getrlimit-equivalent subset of prlimit64. r=tedd

To: tor-commits@xxxxxxxxxxxxxxxxxxxx, tbb-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [tor-browser/tor-browser-52.4.0esr-7.0-1] Bug 1320085 - Allow the getrlimit-equivalent subset of prlimit64. r=tedd
From: gk@xxxxxxxxxxxxxx
Date: Tue, 17 Oct 2017 12:12:39 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 17 Oct 2017 08:12:51 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-commits/>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: "auto: code repository commits" <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
Patch-author: Jed Davis <jld@xxxxxxxxxxx>
Sender: "tor-commits" <tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx>

commit 99459c71ad61f1d7fb3995e616771a30516cf25b
Author: Jed Davis <jld@xxxxxxxxxxx>
Date:   Mon Nov 28 12:05:28 2016 -0700

    Bug 1320085 - Allow the getrlimit-equivalent subset of prlimit64. r=tedd
    
    This applies only to content processes, where we already allow getrlimit
    (but not setrlimit).  The rule added here does not allow using prlimit64
    to set any resource limits or interact with any other process.
    
    MozReview-Commit-ID: nMry3t6QPj
    
    --HG--
    extra : rebase_source : ecf792077a672ab1f2c5edf9fbeb915a0d8dd30e
---
 security/sandbox/linux/SandboxFilter.cpp | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/security/sandbox/linux/SandboxFilter.cpp b/security/sandbox/linux/SandboxFilter.cpp
index f8db9dc802ea..018e9c64446c 100644
--- a/security/sandbox/linux/SandboxFilter.cpp
+++ b/security/sandbox/linux/SandboxFilter.cpp
@@ -735,6 +735,18 @@ public:
     CASES_FOR_getresgid:
       return Allow();
 
+    case __NR_prlimit64: {
+      // Allow only the getrlimit() use case.  (glibc seems to use
+      // only pid 0 to indicate the current process; pid == getpid()
+      // is equivalent and could also be allowed if needed.)
+      Arg<pid_t> pid(0);
+      // This is really a const struct ::rlimit*, but Arg<> doesn't
+      // work with pointers, only integer types.
+      Arg<uintptr_t> new_limit(2);
+      return If(AllOf(pid == 0, new_limit == 0), Allow())
+        .Else(InvalidSyscall());
+    }
+
     case __NR_umask:
     case __NR_kill:
     case __NR_wait4:



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Prev by Author: [tor-commits] [torbutton/maint-1.9.7] Bug 23949: Fix bug in donation banner that prevented display
Next by Author: [tor-commits] [tor-browser/tor-browser-52.4.0esr-7.5-1] Revert "Bug 21308: Set indexedDB->null when dom.indexeddb.enabled=false"
Previous by thread: [tor-commits] [torbutton/maint-1.9.7] Bug 23526: 2017 Donation banner text ready for translation
Next by thread: [tor-commits] [tor-browser/tor-browser-52.4.0esr-7.0-1] Bug 1361238 - Re-allow accept4, used by accessibility. r=gcp
Index(es):
- Author
- Thread