Closed
Bug 1137943
Opened 9 years ago
Closed 8 years ago
Review Shumway's sandboxes
Categories
(Firefox Graveyard :: Shumway, defect)
Tracking
(Not tracked)
RESOLVED
INCOMPLETE
People
(Reporter: till, Assigned: yury)
Shumway has three different layers of sandboxing:

- An outermost sandbox that prevents content from getting direct access to chrome-privileged code.
- An inner one around the content script-executing part of Shumway that prevents content from directly accessing the Shumway instance's iframe.
- An implementation of Flash's SecurityDomains for controlling access between SWFs from different domains loaded into the same player instance.

These sandboxes are in very different shapes: the outermost is ready for review right now, the inner one needs some work on our part (mostly bug 1137942, but also some cleanup of how the communication works) to ease verification but largely works, while the SecurityDomains implementation isn't finished at all.

I'll file blocking bugs for verifying the three different sandboxes next. We should probably do a kick-off meeting to go over the general strokes as a first step.
Comment 1•9 years ago
As long as the outer sandbox is verified and we only load stuff from domains that crossdomain.xml allows, this doesn't block enabling on Nightly.
Comment 2•9 years ago
Yury needs to confirm he has addressed bholley's initial review feedback (before asking bholley for a final review).
Assignee: nobody → ydelendik
Updated•8 years ago
Product: Firefox → Firefox Graveyard
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → INCOMPLETE