** Changed in: apparmor (Ubuntu) Assignee: John Johansen (jjohansen) => Jamie Strandboge (jdstrand)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1197060

Title:
  SDK webview applications should use an app-specific path for shared
  memory files

Status in “apparmor” package in Ubuntu: In Progress
Status in “apparmor-easyprof-ubuntu” package in Ubuntu: Won't Fix
Status in “qtwebkit-opensource-src” package in Ubuntu: Won't Fix
Status in “apparmor” source package in Saucy: Won't Fix
Status in “apparmor-easyprof-ubuntu” source package in Saucy: Won't Fix
Status in “qtwebkit-opensource-src” source package in Saucy: Won't Fix
Status in “apparmor” source package in Trusty: Won't Fix
Status in “apparmor-easyprof-ubuntu” source package in Trusty: Won't Fix
Status in “qtwebkit-opensource-src” source package in Trusty: Won't Fix

Bug description:
  Ubuntu SDK applications that use webkit webviews create shared memory
  files as /run/shm/WK2SharedMemory*. This results in an AppArmor rule
  like the following:

    owner /{,run/}shm/WK2SharedMemory.[0-9]* rwk,

  But this rule is too lenient because a malicious app could enumerate
  these files and attack shared memory of other applications. Therefore,
  these paths need to be made application specific.

  One suggestion is to use something like
  shm_open("%s-WK2SharedMemory" % <app_pkgname>) instead of
  shm_open("WK2SharedMemory") where '<app_pkgname>' is the "name" field
  in the Click manifest (see bug #1197037 for details).

  Future work will allow for AppArmor IPC to handle this without
  modifications to the SDK, but this may be 14.04 so we need a solution
  for 13.10.

  I recommend fixing this bug after the other SDK bugs I filed today,
  then talk to the security team before fixing this bug since it is
  possible we will have something for 13.10 that doesn't require
  altering the SDK.
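As an added illustration (not code from the bug report, qtwebkit or the Ubuntu SDK), the sketch below shows the naming scheme the report suggests: the Click manifest "name" field is validated, the segment name is prefixed with it, and the AppArmor rule is narrowed to that app's own segments. The manifest fragment is constructed, and Python's multiprocessing.shared_memory stands in for the C++ shm_open() call.

```python
"""Per-app shared-memory naming for an Ubuntu SDK webview app (added example)."""
import json
import re
from multiprocessing import shared_memory

# Constructed Click manifest fragment; only the "name" field is used here.
MANIFEST_JSON = '{"name": "com.example.webapp", "version": "0.1"}'

# Click package names are reverse-DNS style; restrict to a safe character
# set so the name cannot smuggle '/', '*' or whitespace into the path or rule.
_PKGNAME_RE = re.compile(r"^[a-z0-9][a-z0-9.-]{0,100}$")
SHM_SUFFIX = "WK2SharedMemory"


def app_pkgname(manifest_json):
    """Return the validated 'name' field from a Click manifest document."""
    name = json.loads(manifest_json).get("name", "")
    if not _PKGNAME_RE.match(name):
        raise ValueError("invalid Click package name: %r" % name)
    return name


def shm_name(pkgname):
    """App-specific segment name, as suggested in the bug: '<pkgname>-WK2SharedMemory'."""
    return "%s-%s" % (pkgname, SHM_SUFFIX)


def apparmor_rule(pkgname):
    """Tightened rule: this app's own segments only, not every WK2SharedMemory.* file."""
    # '.' and '-' are literal in AppArmor globs, so validated names need no escaping.
    return "owner /{,run/}shm/%s.[0-9]* rwk," % shm_name(pkgname)


def create_segment(pkgname, index=0, size=4096):
    """Create the app's segment; create=True maps to O_CREAT|O_EXCL, mode 0600,
    so an already-present file of that name is an error rather than reused."""
    # SharedMemory calls shm_open() and the file appears under /dev/shm (/run/shm).
    return shared_memory.SharedMemory(
        name="%s.%d" % (shm_name(pkgname), index), create=True, size=size)


if __name__ == "__main__":
    pkg = app_pkgname(MANIFEST_JSON)
    print(apparmor_rule(pkg))
    seg = create_segment(pkg)
    print("created /dev/shm/%s" % seg.name)
    seg.close()
    seg.unlink()
```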
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1197060/+subscriptions

--
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp