Bug#570350: linux-image-2.6.26-2-amd64: kernel BUG

[Georg Borgström <geobo@lysator.liu.se>]

On 18 Mar 2010, ben@decadent.org.uk wrote:

>On Thu, Mar 18, 2010 at 04:05:57PM +0100, Georg Borgström wrote:
>> Hi,
>> 
>> I tried to disable the "sandbox" mentioned in
>> http://code.google.com/p/chromium/issues/detail?id=35440 by adding the
>> switch --no-sandbox to google-chrome and the problem went away!
>> 
>> With the switch I don't get "Not cloning cgroup for unused subsystem
>> ns" when starting chrome and no ugly "crash" when leaving chrome!
>> 
>> Probably no kernel bug after all.
>
>It is a kernel bug; no unprivileged application should be able to do this.
>Thanks for narrowing down what triggers the bug; that should help to me to
>find a fix for it.
>
>Ben.

Hi, and thanks for your reply!

I'm sure you are aware of this but at least on my system the application isn't
really unprivileged:

  gb@big:~$ ls -al /opt/google/chrome/chrome-sandbox
  -rwsr-xr-x 1 root root 10692 2010-02-21 08:44 /opt/google/chrome/chrome-sandbox

I don't know why they think they need root and I definitely don't like
it... Part of a web browser running as root seems awfully close to Windows...
(I don't like google-chrome fiddling with my /etc/apt/sources.list but that's
another story...)

Please let me know if I can provide an other info or help in any way!

Sending this in private mail due to possible security aspects. Hope thats OK!


Sincerely /Georg
-- 
Georg Borgström, Storgatan 55, 852 30 Sundsvall, SWEDEN
Email: geobo@lysator.liu.se, Phone: +46 60 170647