2018-10-24 18:24:11 +00:00
|
|
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
2018-09-21 00:30:26 +00:00
|
|
|
From: Anonymous <anonymous@electronjs.org>
|
|
|
|
Date: Thu, 20 Sep 2018 17:46:43 -0700
|
|
|
|
Subject: thread_capabilities.patch
|
|
|
|
|
|
|
|
Chromium automatically drops all capabilities of renderer threads in
|
|
|
|
Linux, which may cause issues in a context like Electron, where the main
|
|
|
|
and renderer threads are supposed to keep inherited permissions over the
|
|
|
|
system.
|
|
|
|
|
|
|
|
See https://github.com/atom/electron/issues/3666
|
|
|
|
|
2018-09-14 05:02:16 +00:00
|
|
|
diff --git a/sandbox/linux/services/credentials.cc b/sandbox/linux/services/credentials.cc
|
2020-04-06 20:09:52 +00:00
|
|
|
index d7b5d8c441354965ee0cb87a57d9552a4ae1f20d..dd145dd38fdbd7c426bd821baff0d9fe76201469 100644
|
2018-09-14 05:02:16 +00:00
|
|
|
--- a/sandbox/linux/services/credentials.cc
|
|
|
|
+++ b/sandbox/linux/services/credentials.cc
|
2020-04-06 20:09:52 +00:00
|
|
|
@@ -354,8 +354,10 @@ pid_t Credentials::ForkAndDropCapabilitiesInChild() {
|
2018-09-14 05:02:16 +00:00
|
|
|
return pid;
|
|
|
|
}
|
|
|
|
|
|
|
|
+#if 0
|
|
|
|
// Since we just forked, we are single threaded.
|
|
|
|
PCHECK(DropAllCapabilitiesOnCurrentThread());
|
|
|
|
+#endif
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|