Closed Bug 1396733 Opened 7 years ago Closed 7 years ago

[flatpak] add /run/host/fonts to the sandbox whitelist

Categories

(Core :: Security: Process Sandboxing, enhancement, P1)

Product:
Core
Component:
Security: Process Sandboxing
Platform:
All
Linux
Type:
enhancement

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla57
Tracking Flags:
Tracking Status
firefox57 --- fixed

People

(Reporter: jhorak, Assigned: gcp)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

Bug 1396733 - Add flatpak font dirs to the sandbox whitelist.
(deleted), text/x-review-board-request
jld
: review+
Details
Currently there is allowed access to the [1]: /usr/X11R6/lib/X11/fonts /usr/share which covers loading system installed fonts. The flatpak puts fonts installed on host to the /run/host/fonts. Currently the Firefox sandbox deny the access to this location which leads to the missing letters when specific font is used on page. See report [2]. [1] https://dxr.mozilla.org/mozilla-central/rev/632e42dca494ec3d90b70325d9c359f80cb3f38a/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp#98 [2] https://github.com/xhorak/firefox-devedition-flatpak/issues/36
Blocks: flatpak
You need /run/host/fonts/user-fonts too. That is where the $HOME/.fonts (or equivalent) fonts show up (as your app might not have generic homedir access)
Assignee: nobody → gpascutto
Priority: -- → P1
(In reply to Alexander Larsson from comment #1) > You need /run/host/fonts/user-fonts too. That is where the $HOME/.fonts (or > equivalent) fonts show up (as your app might not have generic homedir access) We allow $HOME/.fonts specifically so that one should be fine.
What I mean is that a flatpak sandboxed app (say firefox) typically does not have full access to the normal filesystem. So, the files in /home/user/.fonts will not be there in the sandbox. To make per-user installed fonts work in such applications, flatpak exposes a read-only version of /home/user/.fonts as /run/host/user-fonts in the sandbox (and configures fontconfig to look there). So, direct access to ~/.fonts will only work if the firefox app has full homedir access.
(In reply to Jan Horak from comment #6) > The attached patch does not fix the issue, we must miss something there. > I'll look into in further. Huh, that's really surprising given https://bugzilla.mozilla.org/show_bug.cgi?id=1390392#c15
Sorry for the confusion, I was wrong about it. It works fine with patch applied. Thanks.
Comment on attachment 8907535 [details] Bug 1396733 - Add flatpak font dirs to the sandbox whitelist. https://reviewboard.mozilla.org/r/179244/#review184662
Attachment #8907535 - Flags: review?(jld) → review+
Pushed by gpascutto@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/ec5526fce679 Add flatpak font dirs to the sandbox whitelist. r=jld
https://hg.mozilla.org/mozilla-central/rev/ec5526fce679
Status: NEW → RESOLVED
Closed: 7 years ago
status-firefox57: affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla57
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: