How does renderer process access filesystem on linux?


lixin jiang

Jan 6, 2023, 9:02:29 AM
to Chromium-dev
Hello,

I'm trying to read the source code of the seccomp-bpf sandbox of Chromium. When I inspected the BPF policy of the renderer process, I found it just returns an errno instead of triggering a trap to forward the syscall to the broker, like:


Source code is here.

So I wonder how the renderer process accesses the filesystem when it tries to load a file.

K. Moon

Jan 6, 2023, 1:22:59 PM
to ylzsg...@gmail.com, Chromium-dev
The short answer is that it doesn't. Sandboxed processes like the renderer have to ask other processes for help:

--
Chromium Developers mailing list: chromi...@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-dev
---
You received this message because you are subscribed to the Google Groups "Chromium-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-dev...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-dev/493eb86f-fdce-43b4-b648-f7ef73c2c40fn%40chromium.org.