> I would modify base::GetShmemTempDir() to look up a path via
> base::PathService and then have Oxide override this.

GetShmemTempDir() tries to create a temp file under /dev/shm/, so the problem
is not the path itself; it's the name of the temp file under that path.
IIUC what needs to be modified is the TempFileName() function, to return
something like "snap.${SNAP_NAME}.XXXXXX" if SNAP_NAME is defined, and fall
back to the default value, ".org.chromium.Chromium.XXXXXX".

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor-easyprof-ubuntu
in Ubuntu.
https://bugs.launchpad.net/bugs/1260103

Title:
  oxide should use an app-specific path for shared memory files

Status in Oxide:
  In Progress
Status in apparmor-easyprof-ubuntu package in Ubuntu:
  Confirmed

Bug description:
  Oxide creates shared memory files as /run/shm/.org.chromium.Chromium.*.
  This results in an AppArmor rule like the following:

    owner /run/shm/.org.chromium.Chromium.* rwk,

  But this rule is too lenient because a malicious app could enumerate
  these files and attack shared memory of other applications. Therefore,
  these paths need to be made application specific.

To manage notifications about this bug go to:
https://bugs.launchpad.net/oxide/+bug/1260103/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp
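
The naming scheme proposed in the reply above, sketched as an added example; this is not Chromium or Oxide source. The function names, the SNAP_NAME character and length checks, and the use of mkstemp() are assumptions made for illustration. The check on SNAP_NAME is there because the value comes from the environment and ends up inside a file path.

```cpp
// Added example, not Chromium or Oxide code. Function names are hypothetical.
#include <cstdlib>
#include <string>
#include <vector>
#include <unistd.h>

// Default template quoted in the thread.
static const char kDefaultTemplate[] = ".org.chromium.Chromium.XXXXXX";

// Assumption: snap names are lowercase letters, digits and hyphens, at most
// 40 characters. Anything else (notably '/' or '.') is rejected so the
// environment cannot steer the file out of the directory or out of the
// per-application name pattern.
static bool IsSafeSnapName(const std::string& name) {
  if (name.empty() || name.size() > 40) return false;
  for (char c : name) {
    bool ok = (c >= 'a' && c <= 'z') || (c >= '0' && c <= '9') || c == '-';
    if (!ok) return false;
  }
  return true;
}

// Returns "snap.<SNAP_NAME>.XXXXXX" when SNAP_NAME is set and well formed,
// otherwise falls back to the default template.
std::string TempFileTemplate() {
  const char* snap = std::getenv("SNAP_NAME");
  if (snap && IsSafeSnapName(snap))
    return std::string("snap.") + snap + ".XXXXXX";
  return kDefaultTemplate;
}

// Creates the file under `dir` with mkstemp() (exclusive create, mode 0600)
// and returns its path, or an empty string on failure.
std::string CreateShmemTempFile(const std::string& dir) {
  std::string path = dir + "/" + TempFileTemplate();
  std::vector<char> buf(path.begin(), path.end());
  buf.push_back('\0');
  int fd = mkstemp(buf.data());
  if (fd < 0) return std::string();
  close(fd);
  return std::string(buf.data());
}
```

With names of this form, a per-application AppArmor rule can match only that application's prefix instead of every `.org.chromium.Chromium.*` file.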
