Page MenuHomeSolus
Differential D7751

Enable subprocess sandboxing for libwebkit-gtk
ClosedPublic
Actions

Authored by Jacalz on Nov 30 2019, 2:57 PM.

Details

Reviewers
JoshStrobl
Group Reviewers
Triage Team
Commits
R3336:4faa4dc67a8d: Enable subprocess sandboxing for libwebkit-gtk
Summary

Packaging Changes:

  • Build with bubbelwrap sandbox to support running subprocesses in a sandbox. This should (in theory) lead to better web security for applications leveraging libwebkit-gtk.

Depends on D7750

Test Plan
  • Browse different sites to verify that everything works as expected.
  • Verify that performace doesn't regress with running sandboxed compared to running without.

Diff Detail

Repository
R3336 libwebkit-gtk
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

Jacalz created this revision.Nov 30 2019, 2:57 PM
Jacalz requested review of this revision.Nov 30 2019, 2:57 PM
JoshStrobl added a subscriber: JoshStrobl.Dec 4 2019, 8:11 AM

Build with bubbelwrap sandbox. This should lead to better web security for applications leveraging webkit-gtk.

So how are we testing that we're actually running these webkit instances in a sandboxed environment?

Jacalz added a comment.Dec 4 2019, 4:13 PM
In D7751#124126, @JoshStrobl wrote:

Build with bubbelwrap sandbox. This should lead to better web security for applications leveraging webkit-gtk.

So how are we testing that we're actually running these webkit instances in a sandboxed environment?

Well, I haven't find any good way to test it. Can't possibly be less secure than without it though.

Jacalz edited the summary of this revision. (Show Details)Dec 4 2019, 4:13 PM
Jacalz retitled this revision from Make libwebkit-gtk sandboxed to Enable subprocess sandboxing for libwebkit-gtk.Dec 5 2019, 6:06 PM
Jacalz edited the summary of this revision. (Show Details)
JoshStrobl added a comment.Dec 5 2019, 9:16 PM
In D7751#124213, @Jacalz wrote:
In D7751#124126, @JoshStrobl wrote:

Build with bubbelwrap sandbox. This should lead to better web security for applications leveraging webkit-gtk.

So how are we testing that we're actually running these webkit instances in a sandboxed environment?

Well, I haven't find any good way to test it. Can't possibly be less secure than without it though.

Well unless you have a way to verifiably ensure it even works in the first place, it isn't any more secure, which is the point of it.

Jacalz added a comment.EditedDec 20 2019, 4:18 PM

@JoshStrobl I have now verified that it is being used by libwebkit-gtk, using pstree. The following picture is without bwrap support:

The next image is with. Notice how WebKitWebProces is a child process of bwrap:

Jacalz added a comment.EditedJan 10 2020, 4:35 PM

Per the comment above, are there any news on getting this merged? 🙂 @JoshStrobl

JoshStrobl accepted this revision.Jan 10 2020, 5:23 PM

Nope, looks good! Sorry for the delay and thanks again for the patch and validation.

This revision is now accepted and ready to land.Jan 10 2020, 5:23 PM
Closed by commit R3336:4faa4dc67a8d: Enable subprocess sandboxing for libwebkit-gtk (authored by Jacalz, committed by JoshStrobl). · Explain WhyJan 10 2020, 5:27 PM
This revision was automatically updated to reflect the committed changes.
JoshStrobl added a commit: R3336:4faa4dc67a8d: Enable subprocess sandboxing for libwebkit-gtk.

Revision Contents
Changeset List

PathPackages
Mabi_used_libs (1 line)
Mpackage.yml (9 lines)
Mpspec_x86_64.xml (14 lines)

Diff 19225

View Options

abi_used_libs

Loading...
View Options

package.yml

Loading...
View Options

pspec_x86_64.xml

Loading...
Copyright © 2015-2020 Solus Project. The Solus logo is Copyright © 2016-2020 Solus Project. All Rights Reserved.