Permissions issue causes file descriptor leak and eventual Chromium crash #220
Comments
|
It looks like the same issue as: |
|
Yes, that does look like the same issue. Thanks for letting me know. I'll try a test after upgrading to the next version of p11-kit after 0.23.15. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I reported this p11-kit related issue to the Chromium team but they stated that the issue needs to be fixed in p11-kit because it is loaded into Chromium. Here's the bug report I filed with them:
https://bugs.chromium.org/p/chromium/issues/detail?id=944529
Steps to reproduce the problem:
Set any CA certificate installed under /etc/ca-certificates/trust-source/anchors/ to only be readable by root.
Start Chromium and observe constant errors like:
p11-kit: 'ret >=0' not true at loader_load_directory
Running "trust list" will show a similar error.
WARNING:shared_memory_posix.cc(386)] Shared memory creation failed; out of file descriptors
At the point, the browser becomes unresponsive with the current tab not reacting. Shortly thereafter, Chromium crashes.
What is the expected behavior?
Chromium should not run out of file descriptors on a system with normal limits such as the 1024 file descriptor limit that is normal for most Linux distributions and was configured on my system.
What went wrong?
It looks like there is some error path being hit in p11-kit within Chromium that is causing a file descriptor leak. Once I fix permissions on the bad certificate, the file descriptor limit is not exceeded and Chromium does not crash.
The text was updated successfully, but these errors were encountered: