Bug 250231 - [WPE][GTK] Sandbox should not allow mounting entire home directory
Summary: [WPE][GTK] Sandbox should not allow mounting entire home directory
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKitGTK (show other bugs)
Version: WebKit Nightly Build
Hardware: PC Linux
: P2 Normal
Assignee: Michael Catanzaro
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-01-06 14:04 PST by Michael Catanzaro
Modified: 2023-01-24 14:41 PST (History)
2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Catanzaro 2023-01-06 14:04:21 PST 
Let's split this from bug #220117. We should crash if the application tries to mount / or /home or $HOME in the sandbox. We cannot prevent apps from allowlisting whatever they wish, but if they want to be stupid they should have to try somewhat harder than that.
Comment 1 Michael Catanzaro 2023-01-06 16:22:39 PST 
Pull request: https://github.com/WebKit/WebKit/pull/8330
Comment 2 EWS 2023-01-24 14:41:08 PST 
Committed 259309@main (4b0c2332b9a6): <https://commits.webkit.org/259309@main>

Reviewed commits have been landed. Closing PR #8330 and removing active labels.