[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [opensuse-security] Firefox access demands



Hi,

Am 16.09.2014 um 07:44 schrieb Marcus Meissner:
> On Mon, Sep 15, 2014 at 07:36:41PM +0200, pinguin74 wrote:
>> Hello,
>>
>> I just see, Firefox wants to acces /proc/tty/drivers and asks for PTRACE
>> use.
>>
>> Is it safe to grant this access? What are the risks connected to
>> accessing these things? Currently Firefox seem to work well without
>> granting these things...
> 
> I do not see why it would need it.
> 
> You can always disable it and see what happens? :)
> 
> ptrace is dangerous as it allows to control all other processes of
> the same UID.

From a very quick scan of the Firefox sources I can find basically two
possibilities:
- builtin stack unwinding (in crashreporter/breakpad and ?libstagefright?
- sandbox (from FF 33 up)


Wolfgang
-- 
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-security+owner@xxxxxxxxxxxx