[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [opensuse-security] Firefox access demands


Am 16.09.2014 um 07:44 schrieb Marcus Meissner:
> On Mon, Sep 15, 2014 at 07:36:41PM +0200, pinguin74 wrote:
>> Hello,
>> I just see, Firefox wants to acces /proc/tty/drivers and asks for PTRACE
>> use.
>> Is it safe to grant this access? What are the risks connected to
>> accessing these things? Currently Firefox seem to work well without
>> granting these things...
> I do not see why it would need it.
> You can always disable it and see what happens? :)
> ptrace is dangerous as it allows to control all other processes of
> the same UID.

From a very quick scan of the Firefox sources I can find basically two
- builtin stack unwinding (in crashreporter/breakpad and ?libstagefright?
- sandbox (from FF 33 up)

To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-security+owner@xxxxxxxxxxxx