On 2018-05-11 14:00:57, Landry Breuil <lan...@openbsd.org> wrote:
> CVSROOT: /cvs
> Module name: ports
> Changes by: lan...@cvs.openbsd.org 2018/05/11 14:00:57
>
> [...]
>
> Log message:
> Update to firefox 60.
>
> [...]
>
> If you encounter crashes due to pledge, look into your kernel log, and
> try to figure out what missing pledge is needed or what firefox codepath
> hits it.
>
> [...]
>
> So far i know 'getpw' might be needed when uploading files but i havent
> hit it, and 'proc' might be needed by the content process when there's
> no dbus daemon running, but they're not needed in the 'common case', and
> too broad.
>
Hello,
I've found that a simple "Right-click -> Save image as" or
"Right-click -> Save link as" causes Firefox to crash.
firefox[77259]: pledge "getpw", syscall 33
firefox[11365]: pledge "getpw", syscall 33
firefox[11365]: pledge "stdio", syscall 29
firefox[76277]: pledge "getpw", syscall 33
firefox[10702]: pledge "getpw", syscall 33
I tried four separate times. All of them showed a "getpw" pledge
error. For some reason, one of the trials also caused it to emit
an "stdio" pledge error too.
I see that stdio is already pledged, so I have no idea why or
where that error came from.
FWIW, /usr/src/sys/kern/syscalls.master says that syscalls 29 and 33 are
the following:
29 STD { ssize_t sys_recvfrom(int s, void *buf, size_t len, \
int flags, struct sockaddr *from, \
socklen_t *fromlenaddr); }
33 STD { int sys_access(const char *path, int amode); }
Adding the "getpw" pledge to "security.sandbox.pledge.content"
doesn't fix it. However adding it to "security.sandbox.pledge.main"
lets everything run just fine again.
I'd also like to take this opportunity to thank you (and all the
others!) who put in all the effort to pledge Firefox. Thank you!
--
Bryan
