Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-17 15:25:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1713999 - Sandbox the socket process on OpenBSD r=gcp,necko-reviewers

Browse Source 
as done on windows, and as tested with RDD sandboxing in
https://phabricator.services.mozilla.com/D116635, preload the necessary
nss libs before sandboxing. Untested at runtime yet.

Depends on D116640

Differential Revision: https://phabricator.services.mozilla.com/D116641
This commit is contained in:
Landry Breuil 2021-06-15 08:48:35 +00:00
parent 5931acf5b9
commit b3105e9b6d
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
netwerk/ipc/SocketProcessImpl.cpp
View File

@ -15,6 +15,9 @@
#if defined(OS_WIN) && defined(MOZ_SANDBOX)
# include "mozilla/sandboxTarget.h"
#elif defined(__OpenBSD__) && defined(MOZ_SANDBOX)
# include "mozilla/SandboxSettings.h"
# include "prlink.h"
#endif
#ifdef OS_POSIX
@ -46,6 +49,11 @@ bool SocketProcessImpl::Init(int aArgc, char* aArgv[]) {
LoadLibraryW(L"softokn3.dll");
LoadLibraryW(L"freebl3.dll");
mozilla::SandboxTarget::Instance()->StartSandbox();
#elif defined(__OpenBSD__) && defined(MOZ_SANDBOX)
PR_LoadLibrary("libnss3.so");
PR_LoadLibrary("libsoftokn3.so");
PR_LoadLibrary("libfreebl3.so");
StartOpenBSDSandbox(GeckoProcessType_Socket);
#endif
char* parentBuildID = nullptr;
char* prefsHandle = nullptr;