Bug 1373034 - Collect telemetry on whether the application is installed as root. r?glandium r?chutten
For the population where this probe is true but SANDBOX_HAS_USER_NAMESPACES is false,
sandbox security could be improved by allowing the use of a setuid root child process
wrapper, like the original Chromium Linux sandbox.
This is opt-out telemetry, because the prerelease channels aren't
representative of the larger population.
Also fixes some nearby indentation in Histograms.json.
MozReview-Commit-ID: 225T0m3IuxG
--- a/toolkit/components/telemetry/Histograms.json
+++ b/toolkit/components/telemetry/Histograms.json
@@ -12510,26 +12510,36 @@
"record_in_processes": ["main", "content"],
"alert_emails": ["gcp@mozilla.com"],
"bug_numbers": [1098428, 1370578],
"expires_in_version": "61",
"kind": "boolean",
"cpp_guard": "XP_LINUX",
"description": "Whether the system has the capability to create privileged user namespaces"
},
- "SANDBOX_MEDIA_ENABLED": {
+ "SANDBOX_INSTALLED_AS_ROOT": {
+ "record_in_processes": ["main"],
+ "alert_emails": ["jld@mozilla.com", "gcp@mozilla.com"],
+ "bug_numbers": [1373034],
+ "expires_in_version": "65",
+ "releaseChannelCollection": "opt-out",
+ "kind": "boolean",
+ "cpp_guard": "XP_LINUX",
+ "description": "Whether the application was installed as root (administrator)"
+ },
+ "SANDBOX_MEDIA_ENABLED": {
"record_in_processes": ["main", "content"],
"alert_emails": ["gcp@mozilla.com"],
"bug_numbers": [1098428],
"expires_in_version": "55",
"kind": "boolean",
"cpp_guard": "XP_LINUX",
"description": "Whether the sandbox is enabled for media/GMP plugins"
},
- "SANDBOX_CONTENT_ENABLED": {
+ "SANDBOX_CONTENT_ENABLED": {
"record_in_processes": ["main", "content"],
"alert_emails": ["gcp@mozilla.com"],
"bug_numbers": [1098428],
"expires_in_version": "55",
"kind": "boolean",
"cpp_guard": "XP_LINUX",
"description": "Whether the sandbox is enabled for the content process"
},
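Review bot: The new `SANDBOX_INSTALLED_AS_ROOT` description says "installed as root (administrator)", but the nsAppRunner.cpp hunk in this commit records whether the file behind `/proc/self/exe` has owner uid 0. The two can differ, for example when a tree is unpacked by one account and its ownership is changed afterwards, so anyone reading the dashboard could take the probe for more than it measures. A more precise wording would be `"description": "Whether the running executable is owned by uid 0, used as a proxy for an install performed as root (administrator)"`.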
--- a/toolkit/xre/nsAppRunner.cpp
+++ b/toolkit/xre/nsAppRunner.cpp
@@ -4712,16 +4712,22 @@ XREMain::XRE_mainRun()
sandboxInfo.Test(SandboxInfo::kEnabledForContent));
Telemetry::Accumulate(Telemetry::SANDBOX_MEDIA_ENABLED,
sandboxInfo.Test(SandboxInfo::kEnabledForMedia));
nsAutoCString flagsString;
flagsString.AppendInt(sandboxInfo.AsInteger());
CrashReporter::AnnotateCrashReport(
NS_LITERAL_CSTRING("ContentSandboxCapabilities"), flagsString);
+
+ struct stat exeStat;
+ if (stat("/proc/self/exe", &exeStat) == 0) {
+ Telemetry::Accumulate(Telemetry::SANDBOX_INSTALLED_AS_ROOT,
+ exeStat.st_uid == 0);
+ }
#endif /* MOZ_SANDBOX && XP_LINUX */
#if defined(MOZ_CONTENT_SANDBOX)
AddSandboxAnnotations();
#endif /* MOZ_CONTENT_SANDBOX */
{
rv = appStartup->Run();
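Review bot: A failed `stat("/proc/self/exe", &exeStat)` records nothing, so sessions where /proc is unavailable or restricted silently drop out of the SANDBOX_INSTALLED_AS_ROOT population instead of appearing as false. That may be intended, but it should be stated, because the commit message uses this probe to size a population. The check also looks only at the owner of the executable itself, not at the ownership or writability of the install directory, which would matter before relying on a root-owned helper placed beside it. A comment above `struct stat exeStat;` would cover both, for example `// Owner of the running binary is a proxy for a root install; if stat fails (e.g. no /proc) nothing is recorded.` XRE_mainRun starts and ends outside the hunk, so whether `<sys/stat.h>` is already included in this file cannot be confirmed from here.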