[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: The weird bug again: semid XXXXXX: semop failed for cookie 0xdeadbeef: incorrect semaphore state



On mer., 2011-08-17 at 13:30 +0200, Milan Broz wrote:
> On 08/17/2011 12:48 PM, Milan Broz wrote:
> >> For chromium, it might be that the default sandboxing (setuid one)
> uses
> >> PID and network namespaces. Not sure why it'd mess with semaphores,
> but
> >> maybe there's something to look at there.
> 
> It is apparently related to sandboxing, namely to using namespaces
> (You need kernel support for it to reproduce. See about:sandbox in
> chromium.)
> 
> I would really like to know what crazy is chromium doing to global
> system.
> 
> Despite I like the idea of sandboxing I have to ask
> why it is part of "browser" and not some separate package.
> What's next? Bundled kernel? :)

Because each tab is sandboxed. There's a seccomp sandbox available too.


> 
> Also installing setuid /usr/lib64/chromium/chromium-sandbox ...
> Not even man page for it. Sigh... 

See http://code.google.com/p/chromium/wiki/LinuxSandboxing
-- 
Yves-Alexis

_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt


[DM Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

Add to Google Powered by Linux