wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity
61aeeecde4
gecko/security/sandbox
History
Jed Davis d7d8d94afd Bug 908907 - Fill in gaps in seccomp-bpf whitelist for b2g. r=kang, r=bsmith 
Relatively harmless syscalls:
* dup, used by mozilla::ipc::Shmem
* getuid, for android::IPCThreadState, used in audio decode
* nanosleep, used by android::AudioTrack

Of potential concern:
* sched_setscheduler, used by audio threads in e.g. CubeVid
  This might be restrictable somewhat by inspecting its arguments.

Of serious concern:
* unlink, as a workaround for bug 906996 (q.v.).

Note that we already allow open(), including for writing (temporary
files, /dev/genlock on qcom devices, probably more), so allowing unlink
won't make the situation much worse.
2013-09-06 09:13:59 -04:00
..
android_arm_ucontext.h Bug 790923: Adds seccomp-bfp sandboxing support for B2G. r=khuey, r=gerv, r=agal, r=dhylands, r=keeler, r=imelven, a=kang. 2013-08-12 12:58:35 -07:00
android_i386_ucontext.h Bug 790923: Adds seccomp-bfp sandboxing support for B2G. r=khuey, r=gerv, r=agal, r=dhylands, r=keeler, r=imelven, a=kang. 2013-08-12 12:58:35 -07:00
android_ucontext.h Bug 790923: Adds seccomp-bfp sandboxing support for B2G. r=khuey, r=gerv, r=agal, r=dhylands, r=keeler, r=imelven, a=kang. 2013-08-12 12:58:35 -07:00
arm_linux_syscalls.h Bug 790923: Adds seccomp-bfp sandboxing support for B2G. r=khuey, r=gerv, r=agal, r=dhylands, r=keeler, r=imelven, a=kang. 2013-08-12 12:58:35 -07:00
LICENSE Bug 790923: Adds seccomp-bfp sandboxing support for B2G. r=khuey, r=gerv, r=agal, r=dhylands, r=keeler, r=imelven, a=kang. 2013-08-12 12:58:35 -07:00
linux_seccomp.h Bug 790923: Adds seccomp-bfp sandboxing support for B2G. r=khuey, r=gerv, r=agal, r=dhylands, r=keeler, r=imelven, a=kang. 2013-08-12 12:58:35 -07:00
linux_syscalls.h Bug 790923: Adds seccomp-bfp sandboxing support for B2G. r=khuey, r=gerv, r=agal, r=dhylands, r=keeler, r=imelven, a=kang. 2013-08-12 12:58:35 -07:00
Makefile.in Bug 912293 - Remove now redundant boilerplate from Makefile.in. r=gps 2013-09-05 09:01:46 +09:00
moz.build Bug 875934 - Move LIBRARY_NAME to moz.build, batch 3; r=mshal 2013-08-15 09:02:09 -04:00
Sandbox.cpp Bug 790923: Adds seccomp-bfp sandboxing support for B2G. r=khuey, r=gerv, r=agal, r=dhylands, r=keeler, r=imelven, a=kang. 2013-08-12 12:58:35 -07:00
Sandbox.h Bug 790923: Adds seccomp-bfp sandboxing support for B2G. r=khuey, r=gerv, r=agal, r=dhylands, r=keeler, r=imelven, a=kang. 2013-08-12 12:58:35 -07:00
seccomp_filter.h Bug 908907 - Fill in gaps in seccomp-bpf whitelist for b2g. r=kang, r=bsmith 2013-09-06 09:13:59 -04:00
x86_32_linux_syscalls.h Bug 790923: Adds seccomp-bfp sandboxing support for B2G. r=khuey, r=gerv, r=agal, r=dhylands, r=keeler, r=imelven, a=kang. 2013-08-12 12:58:35 -07:00
x86_64_linux_syscalls.h Bug 790923: Adds seccomp-bfp sandboxing support for B2G. r=khuey, r=gerv, r=agal, r=dhylands, r=keeler, r=imelven, a=kang. 2013-08-12 12:58:35 -07:00