WebKit Bugzilla
Attachment 373240 Details for
Bug 199367
: [GTK][WPE] Explicitly blacklist problematic directories for sandbox
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
bug-199367-20190701093621.patch (text/plain), 2.74 KB, created by
Patrick Griffis
on 2019-07-01 09:36:21 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
Patrick Griffis
Created:
2019-07-01 09:36:21 PDT
Size:
2.74 KB
patch
obsolete
>Subversion Revision: 246826 >diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog >index c939e7662778cc2b3c75b642691a109fc47c2e81..f172327b19982187420946f43513b7252a3317b4 100644 >--- a/Source/WebKit/ChangeLog >+++ b/Source/WebKit/ChangeLog >@@ -1,3 +1,14 @@ >+2019-07-01 Patrick Griffis <pgriffis@igalia.com> >+ >+ [GTK][WPE] Explicitly blacklist problematic directories for sandbox >+ https://bugs.webkit.org/show_bug.cgi?id=199367 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * UIProcess/API/glib/WebKitWebContext.cpp: >+ (path_is_not_blacklisted): >+ (webkit_web_context_add_path_to_sandbox): >+ > 2019-06-25 Daniel Bates <dabates@apple.com> > > Non-editable text selections should be modifiable with hardware keyboard >diff --git a/Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp b/Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp >index a4a0fefe2f94b35dbd458a81ccf5a32c5074c3ae..d5742dd12e60698d9e53aeba153f6f01e38d466d 100644 >--- a/Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp >+++ b/Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp >@@ -1185,6 +1185,23 @@ void webkit_web_context_set_sandbox_enabled(WebKitWebContext* context, gboolean > context->priv->processPool->setSandboxEnabled(enabled); > } > >+static bool pathIsNotBlacklisted(const char* path) >+{ >+ /* These are backend specific though the blacklist covers all for consistent support */ >+ const Vector<CString> blacklistedPrefixes = { >+ "/tmp", /* This doesn't work with flatpak-spawn */ >+ /* The rest of these are re-created by the bwrap sandbox in both cases and don't make sense */ >+ "/sys", "/proc", "/dev", >+ }; >+ >+ for (const CString& prefix : blacklistedPrefixes) { >+ if (g_str_has_prefix(path, prefix.data())) >+ return false; >+ } >+ >+ return true; >+} >+ > /** > * webkit_web_context_add_path_to_sandbox: > * @context: a #WebKitWebContext >@@ -1195,6 +1212,9 @@ void webkit_web_context_set_sandbox_enabled(WebKitWebContext* context, gboolean > * has been created otherwise it will be silently ignored. It is a fatal error to > * add paths after a web process has been spawned. > * >+ * Paths in directories such as `/tmp`, `/sys`, `/proc`, or `/dev` are not valid. >+ * You may want to use `/var/tmp` as an alternative to `/tmp`. >+ * > * See also webkit_web_context_set_sandbox_enabled() > * > * Since: 2.26 >@@ -1203,6 +1223,7 @@ void webkit_web_context_add_path_to_sandbox(WebKitWebContext* context, const cha > { > g_return_if_fail(WEBKIT_IS_WEB_CONTEXT(context)); > g_return_if_fail(g_path_is_absolute(path)); >+ g_return_if_fail(pathIsNotBlacklisted(path)); > > if (context->priv->processPool->processes().size()) > g_error("Sandbox paths cannot be changed after subprocesses were spawned.");
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=373240">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 199367
:
373238
|
373240
|
373243
|
373244
|
373250
|
373349