Date: Mon, 20 Jan 2020 18:33:35 +0000
From: bugzilla-noreply@freebsd.org
To: gecko@FreeBSD.org
Subject: [Bug 243252] www/firefox core dumps after r522486 (failed to freeze shm)
Message-ID: <bug-243252-21738-36CFKvxUMv@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-243252-21738@https.bugs.freebsd.org/bugzilla/>
References: <bug-243252-21738@https.bugs.freebsd.org/bugzilla/>
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=243252

--- Comment #21 from rozhuk.im@gmail.com ---
Base system software uses cap_rights_limit(), but respects the user:

/usr/src/contrib/dma/dma-mbox-create.c:
	if (cap_rights_limit(maildirfd, &rights) < 0 && errno != ENOSYS)

/usr/src/contrib/tcpdump/tcpdump.c:
	if (cap_rights_limit(fd, &rights) <= 0 && errno != ENOSYS) {

/usr/src/contrib/traceroute/traceroute.c:
#ifdef WITH_CASPER
	cansandbox = true;
#else
	if (nflag)
		cansandbox = true;
	else
		cansandbox = false;
#endif
...

/usr/src/contrib/xz/src/xz/file_io.c:
#ifdef HAVE_CAPSICUM
	// Capsicum needs FreeBSD 10.0 or later.
	cap_rights_t rights;
	if (cap_rights_limit(src_fd, cap_rights_init(&rights,
			CAP_EVENT, CAP_FCNTL, CAP_LOOKUP, CAP_READ, CAP_SEEK)))
		goto error;

/usr/src/crypto/openssh/sandbox-capsicum.c:
	if (cap_rights_limit(STDIN_FILENO, &rights) < 0 && errno != ENOSYS)

/usr/src/lib/libutil/pidfile.c:
	if (cap_rights_limit(dirfd,
	    cap_rights_init(&caprights, CAP_UNLINKAT)) < 0 && errno != ENOSYS) {
		goto failed;
	}
...

/usr/src/sbin/hastd/subr.c:
#ifdef HAVE_CAPSICUM
	capsicum = (cap_enter() == 0);
	if (!capsicum) {
		pjdlog_common(LOG_DEBUG, 1, errno,
		    "Unable to sandbox using capsicum");
	} else if (res != NULL) {
		cap_rights_t rights;
		static const unsigned long geomcmds[] = {
			DIOCGDELETE,
			DIOCGFLUSH
		};

		PJDLOG_ASSERT(res->hr_role == HAST_ROLE_PRIMARY ||
		    res->hr_role == HAST_ROLE_SECONDARY);

		cap_rights_init(&rights, CAP_FLOCK, CAP_IOCTL, CAP_PREAD,
		    CAP_PWRITE);
		if (cap_rights_limit(res->hr_localfd, &rights) == -1) {
			pjdlog_errno(LOG_ERR,
			    "Unable to limit capability rights on local descriptor");
		}
		if (cap_ioctls_limit(res->hr_localfd, geomcmds,
		    nitems(geomcmds)) == -1) {
			pjdlog_errno(LOG_ERR,
			    "Unable to limit allowed GEOM ioctls");
		}
...

/usr/src/sbin/ping/ping.c:
	if (cap_rights_limit(srecv, &rights) < 0 && errno != ENOSYS)

/usr/src/usr.bin/bsdiff/bspatch/bspatch.c:
#ifndef WITHOUT_CAPSICUM
	if (cap_enter() < 0) {
		/* Failed to sandbox, fatal if CAPABILITY_MODE enabled */
		if (errno != ENOSYS)
			err(1, "failed to enter security sandbox");
	} else {
		/* Capsicum Available */
		cap_rights_init(&rights_ro, CAP_READ, CAP_FSTAT, CAP_SEEK);
		cap_rights_init(&rights_wr, CAP_WRITE);
		cap_rights_init(&rights_dir, CAP_UNLINKAT);

		if (cap_rights_limit(fileno(f), &rights_ro) < 0 ||

/usr/src/usr.sbin/iscsid/iscsid.c:
	error = cap_rights_limit(conn->conn_iscsi_fd, &rights);
	if (error != 0 && errno != ENOSYS)
		log_err(1, "cap_rights_limit");

So if you decide that cap_rights_limit() "must have" - ensure that others agree
with you and remove WITHO_CAPSICUM/WITHOUT_CAPSICUM from src and base system
software before this patch.

-- 
You are receiving this mail because:
You are the assignee for the bug.
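
The two failure policies contrasted in the comment above, as an added example that is not part of the original message or of any FreeBSD source file. The names apply_limit, limit_fn, limit_result and the fake_* functions are hypothetical; the fakes are constructed stand-ins for kernel behaviour so the policy can be exercised on a system without Capsicum.

```c
#include <errno.h>
#include <stdbool.h>
#include <unistd.h>
#ifdef __FreeBSD__
#include <sys/capsicum.h>
#endif

/* Outcome of trying to restrict a descriptor. */
enum limit_result { LIMIT_ENFORCED, LIMIT_UNAVAILABLE, LIMIT_FAILED };

/* Hypothetical hook type: returns 0 on success, -1 with errno set. */
typedef int (*limit_fn)(int fd);

#ifdef __FreeBSD__
/* Real limiter: allow only read, fstat and seek on fd. */
static int limit_read_only(int fd)
{
    cap_rights_t rights;
    cap_rights_init(&rights, CAP_READ, CAP_FSTAT, CAP_SEEK);
    return cap_rights_limit(fd, &rights);
}
#endif

/* Constructed stand-ins for three kernel behaviours. */
static int fake_ok(int fd)     { (void)fd; return 0; }
static int fake_enosys(int fd) { (void)fd; errno = ENOSYS; return -1; }
static int fake_ebadf(int fd)  { (void)fd; errno = EBADF; return -1; }

/*
 * tolerate_enosys = true:  the "errno != ENOSYS" pattern from the excerpts.
 * tolerate_enosys = false: the "must have" policy, any failure is fatal.
 */
static enum limit_result apply_limit(limit_fn fn, int fd, bool tolerate_enosys)
{
    if (fn(fd) == 0)
        return LIMIT_ENFORCED;
    if (errno == ENOSYS && tolerate_enosys)
        return LIMIT_UNAVAILABLE;  /* kernel lacks Capsicum: log and continue */
    return LIMIT_FAILED;           /* do not keep running unconfined */
}

int main(void)
{
#ifdef __FreeBSD__
    limit_fn fn = limit_read_only;
#else
    limit_fn fn = fake_enosys;     /* simulate a kernel without Capsicum */
#endif
    return apply_limit(fn, STDIN_FILENO, true) == LIMIT_FAILED;
}
```

A caller that receives LIMIT_UNAVAILABLE is running without the descriptor restriction, so that outcome is worth logging rather than discarding silently.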