New issue
Advanced search Search tips

Issue 119150 link

Starred by 1 user

Issue metadata

Status: Fixed
Owner:
Closed: Apr 2012
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 1
Type: Bug-Security

Restricted
  • Only users with EditIssue permission may comment.



Sign in to add a comment

Sandboxed processes should not be able to open other sandboxed processes

Project Member Reported by jsc...@chromium.org, Mar 20 2012

Issue description

By default, sandboxed processes can open other sandboxed processes and manipulate them. Integrity levels and the restricted group prevent reaching into unsandboxed processes. However, it's possible to start a renderer with privileged IPCs, open the process, and manipulate it directly.
 

Comment 1 Deleted

Comment 2 Deleted

Comment 3 Deleted

Comment 4 Deleted

Comment 5 Deleted

Comment 6 Deleted

Comment 7 Deleted

Labels: -Restrict-View-SecurityTeam Restrict-View-SecurityNotify Mstone-19 Merge-Approved
Status: FixUnreleased
Good to merge to M19 Beta once it's survived a few more days on dev?
Yeah, I'll do the merge since it might get hairy.
Labels: -Mstone-19 -Merge-Approved Mstone-20
Justin says M20. Seems reasonable!
Labels: CVE-2012-2816
Labels: -Restrict-View-SecurityNotify
Status: Fixed
Project Member

Comment 14 by bugdroid1@chromium.org, Oct 13 2012

Labels: Restrict-AddIssueComment-Commit
This issue has been closed for some time. No one will pay attention to new comments.
If you are seeing this bug or have new data, please click New Issue to start a new bug.
Project Member

Comment 15 by bugdroid1@chromium.org, Mar 10 2013

Labels: -Type-Security -Area-Internals -Feature-Security -SecImpacts-Stable -SecImpacts-Beta -SecSeverity-Medium -Mstone-20 M-20 Security-Impact-Stable Security-Impact-Beta Cr-Security Security-Severity-Medium Cr-Internals Type-Bug-Security
Project Member

Comment 16 by bugdroid1@chromium.org, Mar 14 2013

Labels: -Restrict-AddIssueComment-Commit Restrict-AddIssueComment-EditIssue
Project Member

Comment 17 by bugdroid1@chromium.org, Mar 21 2013

Labels: -Security-Impact-Stable Security_Impact-Stable
Project Member

Comment 18 by bugdroid1@chromium.org, Mar 21 2013

Labels: -Security-Severity-Medium Security_Severity-Medium
Project Member

Comment 19 by bugdroid1@chromium.org, Mar 21 2013

Labels: -Security-Impact-Beta Security_Impact-Beta
Project Member

Comment 20 by sheriffbot@chromium.org, Jun 14 2016

Labels: -security_impact-beta
Project Member

Comment 21 by sheriffbot@chromium.org, Oct 1 2016

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Project Member

Comment 22 by sheriffbot@chromium.org, Oct 2 2016

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Labels: allpublic
Labels: CVE_description-submitted

Sign in to add a comment