diff options
| author | bptato <nincsnevem662@gmail.com> | 2024-04-18 18:30:53 +0200 |
|---|---|---|
| committer | bptato <nincsnevem662@gmail.com> | 2024-04-18 18:30:53 +0200 |
| commit | 38db6ab5be80b255fe40df715adc3b5852875cdd (patch) | |
| tree | 328eada3b571e475903be0df61c5abf09c022d8b /lib | |
| parent | 5bb9542045ff6dbb6c357eb4dd0a7616dba33a9a (diff) | |
| download | chawan-38db6ab5be80b255fe40df715adc3b5852875cdd.tar.gz | |
sandbox: seccomp support on Linux
We use libseccomp, which is now a semi-mandatory dependency on Linux. (You can still build without it, but only if you pass a scary long flag to make.) For this to work I had to disable getTimezoneOffset, which would otherwise call localtime_r which in turn reads in some files from /usr/share/zoneinfo. To allow this we would have to give unrestricted openat(2) access to buffer processes, which is unacceptable. (Giving websites access to the local timezone is a fingerprinting vector so if this ever gets fixed then it should be an opt-in config setting.) This patch also includes misc fixes to buffer cloning, and fixes the LIBEXECDIR override in the makefile so that it is actually useful.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/quickjs/quickjs.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/lib/quickjs/quickjs.c b/lib/quickjs/quickjs.c index 0da7e13f..fc5a0357 100644 --- a/lib/quickjs/quickjs.c +++ b/lib/quickjs/quickjs.c @@ -43432,6 +43432,11 @@ static const JSCFunctionListEntry js_math_obj[] = { between UTC time and local time 'd' in minutes */ static int getTimezoneOffset(int64_t time) { + /* this is a fingerprinting vector, and doesn't work with seccomp + * anyway because the glibc localtime_r tries to openat(2) files + * in /usr/share/zoneinfo. */ + return 0; +#if 0 time_t ti; int res; @@ -43478,6 +43483,7 @@ static int getTimezoneOffset(int64_t time) } #endif return res; +#endif } #if 0 |