electron/patches/common/chromium/thread_capabilities.patch

28 lines
970 B
Diff
Raw Normal View History

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
2018-09-21 00:30:26 +00:00
From: Anonymous <anonymous@electronjs.org>
Date: Thu, 20 Sep 2018 17:46:43 -0700
Subject: thread_capabilities.patch
Chromium automatically drops all capabilities of renderer threads in
Linux, which may cause issues in a context like Electron, where the main
and renderer threads are supposed to keep inherited permissions over the
system.
See https://github.com/atom/electron/issues/3666
diff --git a/sandbox/linux/services/credentials.cc b/sandbox/linux/services/credentials.cc
2019-01-24 09:42:21 +00:00
index 542567f3ee58776a8ca915f1f62dcffa29141798..0f5f017b0ee63bbe7107f39143484bc6d728104e 100644
--- a/sandbox/linux/services/credentials.cc
+++ b/sandbox/linux/services/credentials.cc
2019-01-24 09:42:21 +00:00
@@ -352,8 +352,10 @@ pid_t Credentials::ForkAndDropCapabilitiesInChild() {
return pid;
}
+#if 0
// Since we just forked, we are single threaded.
PCHECK(DropAllCapabilitiesOnCurrentThread());
+#endif
return 0;
}