Package: chromium Version: 53.0.2785.113-1 Severity: wishlist /usr/lib/chromium/chrome-sandbox won't run unless it's world-executable, due to this code in sandbox/linux/suid/client/setuid_sandbox_host.cc: if (access(sandbox_binary.c_str(), X_OK) != 0 || (st.st_uid != 0) || ((st.st_mode & S_ISUID) == 0) || ((st.st_mode & S_IXOTH)) == 0) { LOG(FATAL) << "The SUID sandbox helper binary was found, but is not " "configured correctly. Rather than run without sandboxing " "I'm aborting now. You need to make sure that " << sandbox_binary << " is owned by root and has mode 4755."; }
Please remove the last check (IXOTH). System accounts like 'nobody' and 'lp' should never run the sandbox, so I've used chgrp and 'chmod o-x' to ensure only users with GUI access can run it on my system. And it works as long as this check is disabled. The access() check should be enough, anyway, to verify it will run. I'm not sure the other checks are useful either--a similar message could instead be printed when execve() fails or the sandbox sees EPERM/EACCES. The sandbox itself looks like it will try to continue when geteuid()!=0, until something important actually fails; this might let it work without being setuid if the administrator has enabled filesystem capabilities or unprivileged namespaces. - Michael -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: arm64, mips, i386 Kernel: Linux 4.7.0-1-amd64 (SMP w/8 CPU cores) Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages chromium depends on: ii libasound2 1.1.2-1 ii libatk1.0-0 2.22.0-1 ii libavcodec57 7:3.1.3-1+b3 ii libavformat57 7:3.1.3-1+b3 ii libavutil55 7:3.1.3-1+b3 ii libc6 2.24-3 ii libcairo2 1.14.6-1+b1 ii libcups2 2.2.0-2 ii libdbus-1-3 1.10.10-1 ii libexpat1 2.2.0-1 ii libfontconfig1 2.11.0-6.7 ii libfreetype6 2.6.3-3+b1 ii libgcc1 1:6.2.0-4 ii libgdk-pixbuf2.0-0 2.36.0-1 ii libglib2.0-0 2.50.0-1 ii libgnome-keyring0 3.12.0-1+b1 ii libgtk-3-0 3.22.0-1 ii libharfbuzz0b 1.2.7-1+b1 ii libjpeg62-turbo 1:1.5.1-1 ii libnettle6 3.2-1 ii libnspr4 2:4.12-6 ii libnss3 2:3.26-2 ii libpango-1.0-0 1.40.3-2 ii libpangocairo-1.0-0 1.40.3-2 ii libpci3 1:3.3.1-1.1 ii libpulse0 9.0-3 ii libspeechd2 0.8.5-1 ii libstdc++6 6.2.0-4 ii libx11-6 2:1.6.3-1 ii libxcomposite1 1:0.4.4-1 ii libxcursor1 1:1.1.14-1+b1 ii libxdamage1 1:1.1.4-2+b1 ii libxext6 2:1.3.3-1 ii libxfixes3 1:5.0.2-1 ii libxi6 2:1.7.6-1 ii libxml2 2.9.4+dfsg1-2 ii libxrandr2 2:1.5.0-1 ii libxrender1 1:0.9.9-2 ii libxslt1.1 1.1.29-1 ii libxss1 1:1.2.2-1 ii libxtst6 2:1.2.2-1+b1 ii x11-utils 7.7+3 ii xdg-utils 1.1.1-1 Versions of packages chromium recommends: ii fonts-liberation 1:1.07.4-2 Versions of packages chromium suggests: pn chromium-l10n <none> -- no debconf information
signature.asc
Description: PGP signature