New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 737504 link

Starred by 1 user
Status: Verified
Owner:
lndmrk@chromium.org
Closed: Jul 2017
Cc:
k...@limesaudio.com
deborahliu@chromium.org
itspeter@chromium.org
cychiang@chromium.org
chromeos-audio-bugs@google.com
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 2
Type: Feature



Sign in to add a comment

atrusd: revise minijail0 flags

Project Member Reported by lndmrk@chromium.org, Jun 28 2017 
During the latest reviews on atrusctl we got some comments on the minijail0 flags currently used. We should revise the flags and see if we can lock it down even more.

Comment 1 by lndmrk@chromium.org, Jun 28 2017

Status: Started (was: Assigned)
Project Member

Comment 2 by bugdroid1@chromium.org, Jul 6 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/atrusctl/+/85a2e7c0c0b7317a48928c93efea41dfcf6c8bcd

commit 85a2e7c0c0b7317a48928c93efea41dfcf6c8bcd
Author: Emil Lundmark <lndmrk@chromium.org>
Date: Thu Jul 06 16:49:25 2017

Lock down further with minijail0

This adds a new bunch of flags to minijail0, hopefully reducing the
attack surface of the program even more.

BUG= chromium:737504 
TEST=Ran a test involving firmware upgrade and diagnostics. Also
verified that audio was available in kiosk mode.

Change-Id: I2136608f2f5569b4b4d39a3a650a0475feb39c93
Reviewed-on: https://chromium-review.googlesource.com/558345
Commit-Ready: Emil Lundmark <lndmrk@chromium.org>
Tested-by: Emil Lundmark <lndmrk@chromium.org>
Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>

[modify] https://crrev.com/85a2e7c0c0b7317a48928c93efea41dfcf6c8bcd/init/atrusd.conf

Comment 3 by lndmrk@chromium.org, Jul 7 2017

Status: Verified (was: Started)

Comment 4 by harpreet@chromium.org, Jul 18 2017

Labels: Proj-Bluestreak

Sign in to add a comment