Issue 914263 link

Starred by 1 user

Issue metadata

Status:	Untriaged
Owner:	----
Cc:	hidehiko@chromium.org nya@chromium.org
Components:	Infra>ChromeOS>Build
EstimatedDays:	----
NextAction:	----
OS:	Chrome
Pri:	2
Type:	Bug

portage sandbox wrongly denies to accessing allowed files.

Project Member Reported by hidehiko@chromium.org, Dec 12

Issue description

When we use CROS_WORKON_SUBTREE, a list for directories which are not accessible is created and passed to the sandboex.

However, the sandbox uses simple prefix match of a path, so it sometimes misunderstands it.
For example,

if we have;

platform2/foo/bar
platform2/foo/bar2

and, in a pacakge, platform2/foo/bar2 is added to CROS_WORKON_SUBTREE,
then platform2/foo/bar is passed to sandbox. It denies to access files starting with platform2/foo/bar, which includes platform2/foo/bar2.
That's unexpected behavior.

Comment 1 by ovanieva@chromium.org, Dec 14

hidehiko@ which component can we assign this bug so it does not show up in Chrome OS UI triage?

Comment 2 by hidehiko@chromium.org, Dec 16

Components: Infra>Client>ChromeOS>Build

I guess Infra>Client>ChromeOS>Build. nya@, please fix me if there's more appropriate one.

Comment 3 by vapier@google.com, Dec 16

try adding a / suffix

the matching behavior isn't new in sandbox, so not sure it'll change in Gentoo

►

Issue 914263 link

Issue metadata

portage sandbox wrongly denies to accessing allowed files.

Issue description

Comment 1 by ovanieva@chromium.org, Dec 14

Comment 1 Deleted

Comment 2 by hidehiko@chromium.org, Dec 16

Comment 2 Deleted

Comment 3 by vapier@google.com, Dec 16

Comment 3 Deleted

Sign in to add a comment