On Sat, Oct 3, 2009 at 3:22 PM, Ben Laurie <[email protected]> wrote: > Why doesn't the sandbox prevent this?
The SUID sandbox doesn't work that way. To be clear, the correct solution on FreeBSD is to use SOCK_DGRAM. Please don't rewrite the sandbox IPC scheme to have framing. It's a very minor security issue and not worth the extra code. On Linux, we want SOCK_SEQPACKET and if FreeBSD gets SEQPACKET in the future, then great, we can switch to using it everywhere. AGL --~--~---------~--~----~------------~-------~--~----~ Chromium Developers mailing list: [email protected] View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~----------~----~----~----~------~----~------~--~---
