firefox privilege separation is very rough. The code was written as an afterthought, and it clearly has many cases where processes perform operations directly.

I expect the response will be to add pledge "audio" to permit those ioctls, and in time the firefox processes will have essentially all pledges. It is a tremendously long line.

The addition of each pledge admits the program isn't a privsep design, and the advertised isolation isn't that great. Reports of these pledge failures could be used by upstream to improve the separation -- moving the operations to better processes. But I doubt that will happen.

Adding privsep to programs after the fact is very difficult.

> i'm not sure is this intended or not, but if sndiod isn't running and if
> i want to open youtube video with firefox i got this log
> firefox[54192]: pledge "tty", syscall 54 and firefox crashes ....
> when sndiod is running everything seems fine ..
>
>
> from kdump
> 70068 firefox CALL ioctl(56,AUDIO_STOP,0x1)
> 70068 firefox PLDG ioctl, "tty", errno 1 Operation not permitted
>
>
> from gdb
> (gdb) bt
> #0 ioctl () at -:3
> #1 0x00001ad9e350858e in sio_sun_fdopen (fd=31, mode=1, nbio=1) at
> /usr/src/lib/libsndio/sio_sun.c:326
> #2 0x00001ad9e3508626 in _sio_sun_open (str=Variable "str" is not
> available.
> ) at /usr/src/lib/libsndio/sio_sun.c:345
> #3 0x00001ada4916e16b in WebPGetColorPalette () from
> /usr/local/lib/firefox/libxul.so.84.0
> #4 0x00001ada4916d47d in WebPGetColorPalette () from
> /usr/local/lib/firefox/libxul.so.84.0
> #5 0x00001ada47f0f415 in std::__1::__murmur2_or_cityhash<unsigned long,
> 64ul>::__hash_len_0_to_16 () from /usr/local/lib/firefox/libxul.so.84.0
> #6 0x00001ada47f0f2d2 in std::__1::__murmur2_or_cityhash<unsigned long,
> 64ul>::__hash_len_0_to_16 () from /usr/local/lib/firefox/libxul.so.84.0
> #7 0x00001ada480bdb0c in
> cdm::ContentDecryptionModule_10::~ContentDecryptionModule_10 () from
> /usr/local/lib/firefox/libxul.so.84.0
> #8 0x00001ada480bca8a in
> cdm::ContentDecryptionModule_10::~ContentDecryptionModule_10 () from
> /usr/local/lib/firefox/libxul.so.84.0
> #9 0x00001ada480bf915 in
> cdm::ContentDecryptionModule_10::~ContentDecryptionModule_10 () from
> /usr/local/lib/firefox/libxul.so.84.0
> #10 0x00001ada480c60e9 in
> cdm::ContentDecryptionModule_10::~ContentDecryptionModule_10 () from
> /usr/local/lib/firefox/libxul.so.84.0
> #11 0x00001ada47f63ada in std::__1::__split_buffer<int*,
> std::__1::allocator<int*>&>::push_front () from
> /usr/local/lib/firefox/libxul.so.84.0
> #12 0x00001ada47f5dc46 in std::__1::__split_buffer<int*,
> std::__1::allocator<int*>&>::push_front () from
> /usr/local/lib/firefox/libxul.so.84.0
> #13 0x00001ada47f5da7b in std::__1::__split_buffer<int*,
> std::__1::allocator<int*>&>::push_front () from
> /usr/local/lib/firefox/libxul.so.84.0
> #14 0x00001ada47f9047d in std::__1::__split_buffer<int*,
> std::__1::allocator<int*>&>::push_front () from
> /usr/local/lib/firefox/libxul.so.84.0
> #15 0x00001ada461232f8 in std::__1::function<void ()(long long)>::swap
> () from /usr/local/lib/firefox/libxul.so.84.0
> #16 0x00001ada46120f51 in std::__1::function<void ()(long long)>::swap
> () from /usr/local/lib/firefox/libxul.so.84.0
> #17 0x00001ada46134a3e in std::__1::function<void ()(long long)>::swap
> () from /usr/local/lib/firefox/libxul.so.84.0
> #18 0x00001ada46134b9b in std::__1::function<void ()(long long)>::swap
> () from /usr/local/lib/firefox/libxul.so.84.0
> #19 0x00001ada46130c32 in std::__1::function<void ()(long long)>::swap
> () from /usr/local/lib/firefox/libxul.so.84.0
> #20 0x00001ada46133271 in std::__1::function<void ()(long long)>::swap
> () from /usr/local/lib/firefox/libxul.so.84.0
> #21 0x00001ada4655eb47 in std::__1::vector<int, std::__1::allocator<int>
> >::__append () from /usr/local/lib/firefox/libxul.so.84.0
> #22 0x00001ada464dc85f in std::__1::vector<std::__1::basic_string<char,
> std::__1::char_traits<char>, std::__1::allocator<char> >,
> std::__1::allocator<std::__1::basic_string<char,
> std::__1::char_traits<char>, std::__1::allocator<char> > >
> >::insert<std::__1::__wrap_iter<std::__1::basic_string<char,
> std::__1::char_traits<char>, std::__1::allocator<char> >*> > () from
> /usr/local/lib/firefox/libxul.so.84.0
> #23 0x00001ada4612e92d in std::__1::function<void ()(long long)>::swap
> () from /usr/local/lib/firefox/libxul.so.84.0
> #24 0x00001adaa590c0a9 in _pt_root (arg=0x1adab98c4100) at ptthread.c:201
> #25 0x00001adac18e2771 in _rthread_start (v=Variable "v" is not available.
> ) at /usr/src/lib/librthread/rthread.c:96
> #26 0x00001ada973897c8 in __tfork_thread () at
> /usr/src/lib/libc/arch/amd64/sys/tfork_thread.S:77
> #27 0x0000000000000000 in ?? ()
> Current language: auto; currently asm
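
Added example, not part of either message in this thread and not OpenBSD or Firefox code: a small Python sketch that turns kdump output into the kind of pledge-failure report the reply mentions, by joining each PLDG record to the CALL that triggered it. The function names and all sample lines after the first two are assumptions made for illustration; the record shapes are the ones visible in the quoted kdump excerpt.

```python
import re
from collections import Counter

# Record shapes taken from the kdump excerpt quoted in this thread.
CALL_RE = re.compile(r'^\s*(\d+)\s+(\S+)\s+CALL\s+(\w+)\((.*)\)\s*$')
PLDG_RE = re.compile(r'^\s*(\d+)\s+(\S+)\s+PLDG\s+(\w+),\s+"([^"]*)",\s+errno\s+(\d+)')

def pledge_violations(lines):
    """Return one dict per PLDG record, joined to the CALL that triggered it."""
    last_call = {}   # pid -> (syscall, [args]) of the most recent CALL
    found = []
    for line in lines:
        m = CALL_RE.match(line)
        if m:
            pid, _proc, name, args = m.groups()
            last_call[pid] = (name, [a.strip() for a in args.split(",")])
            continue
        m = PLDG_RE.match(line)
        if not m:
            continue
        pid, proc, name, promise, errno = m.groups()
        call_name, args = last_call.get(pid, (None, []))
        if call_name != name:      # trace started mid-call or records interleaved
            args = []
        # For ioctl the second argument is the request, the part worth reporting.
        detail = args[1] if name == "ioctl" and len(args) > 1 else None
        found.append({"pid": int(pid), "proc": proc, "syscall": name,
                      "detail": detail, "promise": promise, "errno": int(errno)})
    return found

def summarize(violations):
    """Count violations per (process, syscall, detail, promise) for a report."""
    return Counter((v["proc"], v["syscall"], v["detail"], v["promise"])
                   for v in violations)

# First two records are from the thread; the rest are constructed for the example.
SAMPLE = '''\
 70068 firefox  CALL  ioctl(56,AUDIO_STOP,0x1)
 70068 firefox  PLDG  ioctl, "tty", errno 1 Operation not permitted
 70070 firefox  CALL  read(12,0x7f7ffffd1000,0x1000)
 70070 firefox  RET   read 4096/0x1000
 70071 firefox  PLDG  ioctl, "tty", errno 1 Operation not permitted
'''.splitlines()

if __name__ == "__main__":
    for key, n in summarize(pledge_violations(SAMPLE)).items():
        print(n, *key)
```

The "promise" field is only what the PLDG record names; which process should own the operation is still a design decision the trace cannot make.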