Bug #15717

Firefox' "Web Content" processes are not confined as strictly as they used to

Added by intrigeri 2018-07-05 16:08:24 . Updated 2018-07-05 18:08:59 .

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Target version:
Start date:
2018-07-05
Due date:
% Done:

100%

Feature Branch:
Type of work:
Code
Blueprint:

Starter:
Affected tool:
Browser
Deliverable for:

Description

Previously they would run under their own, stricter AppArmor profile (torbrowser_plugin_container) but they’re not a different binary anymore: Firefox now calls its own binary to start a new Web Content process, so these processes run under the torbrowser_firefox profile.


Subtasks


Related issues

Related to Tails - Bug #12679: Sandbox Tor Browser's content renderer processes more strictly Resolved 2017-06-10
Blocks Tails - Feature #15334: Core work 2018Q3: Foundations Team Resolved 2018-02-20

History

#1 Updated by intrigeri 2018-07-05 16:28:52

  • related to Bug #12679: Sandbox Tor Browser's content renderer processes more strictly added

#2 Updated by intrigeri 2018-07-05 16:42:41

#3 Updated by intrigeri 2018-07-05 18:08:49

  • Status changed from Confirmed to Resolved
  • % Done changed from 0 to 100

#4 Updated by intrigeri 2018-07-05 18:08:59

  • Assignee deleted (intrigeri)
  • Type of work changed from Research to Code