Google's Chromium sandbox
Google's Chromium sandbox
Posted Aug 19, 2009 16:32 UTC (Wed) by foom (subscriber, #14868)In reply to: Google's Chromium sandbox by johill
Parent article: Google's Chromium sandbox
Why, for example, can an untrusted process look into my filesystem using getdents() without any checking?Presumably because getdents takes an already-open fd, and open is sandboxed.