Red Hat Bugzilla – Bug 593370
Google Chrome's Zygote-Sandbox
Last modified: 2010-05-18 15:38:16 EDT
Description of problem:
Google Chrome's Zygote-Sandbox chroots each and every new tab as it is being created. A Super User is required to set a chroot. If an obfuscated script prevents the tab from dropping root, the entire system is compromised. Please force a change in Google's behaviour on Linux.
The zygote_main_linux.cc (src/chrome/browser) file contains code that calls the sandbox.h (src/sandbox/linux/seccomp) header. The header declares an external variable "C", which to the sandbox.c (src/sandbox/linux/suid) translates to 'chroot' me (line 63). This happens with every fork and it must stop! It is a compromise of the total system, the root!
What component is this report for? Sounds like Google Chrome / Chromium, so it should be reported in the Chromium bug tracker, no?
Hmmm. I guess you are right. I don't have a login there, thought here would be a good spot. I'll look for the Google bugzilla. Anyways, heads up on the zygote forking process. It doesn't have a clean start.
(In reply to comment #2)
> I'll look for the Google bugzilla.
Thanks Tomas. Sorry for the mistake. I got it here: http://is.gd/ceQ4o or issue 44469 if you don't trust shortened links.
http://code.google.com/p/chromium/issues/detail?id=44469 for the unshortened link. Chrome / Chromium is not part of a Fedora or Red Hat product, closing.