Bug 1376910 - Unshare the SysV IPC namespace in content processes. r?gcp
MozReview-Commit-ID: 1Uajj68rEuC
--- a/security/sandbox/linux/Sandbox.cpp
+++ b/security/sandbox/linux/Sandbox.cpp
@@ -560,29 +560,40 @@ SandboxEarlyInit(GeckoProcessType aType)
bool canChroot = false;
bool canUnshareNet = false;
bool canUnshareIPC = false;
switch (aType) {
case GeckoProcessType_Default:
MOZ_ASSERT(false, "SandboxEarlyInit in parent process");
return;
+
#ifdef MOZ_GMP_SANDBOX
case GeckoProcessType_GMPlugin:
if (!info.Test(SandboxInfo::kEnabledForMedia)) {
break;
}
canUnshareNet = true;
canUnshareIPC = true;
// Need seccomp-bpf to intercept open().
canChroot = info.Test(SandboxInfo::kHasSeccompBPF);
break;
#endif
- // In the future, content processes will be able to use some of
- // these.
+
+#ifdef MOZ_CONTENT_SANDBOX
+ case GeckoProcessType_Content:
+ if (!info.Test(SandboxInfo::kEnabledForContent)) {
+ break;
+ }
+#ifndef MOZ_ALSA
+ canUnshareIPC = true;
+#endif
+ break;
+#endif
+
default:
// Other cases intentionally left blank.
break;
}
// If TSYNC is not supported, set up signal handler
// used to enable seccomp on each thread.
if (!info.Test(SandboxInfo::kHasSeccompTSync)) {