Closed Bug 1138721 Opened 8 years ago Closed 8 years ago

Application reputation should check mac file extensions

Categories

(Core :: DOM: Security, defect)

Product:
Core
Component:
DOM: Security
Platform:
x86
macOS
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla39
Tracking Flags:
Tracking Status
firefox39 --- fixed
firefox40 --- fixed
relnote-firefox --- 39+

People

(Reporter: mmc, Assigned: francois)

References

(Blocks 1 open bug)

Details

Attachments

(2 files, 3 obsolete files)

Small improvements to fitzgen's script (DO NOT LAND)
2.01 KB, patch
Details | Diff | Splinter Review
Add download type and mac extensions
11.61 KB, patch
mmc
: review+
lizzard
: approval-mozilla-aurora+
Details | Diff | Splinter Review 
file.MatchesExtension(FILE_PATH_LITERAL(".dmg")) ||
      file.MatchesExtension(FILE_PATH_LITERAL(".pkg")) ||
      file.MatchesExtension(FILE_PATH_LITERAL(".osx")) ||
      file.MatchesExtension(FILE_PATH_LITERAL(".app")) ||

These are new since application reputation was written.
Attached patch Fix the generate_csd.sh script (obsolete) — Splinter Review 
Assignee: nobody → francois
Status: NEW → ASSIGNED

        Attachment #8584293 -
        Flags: review?(mmc)

    
    

    
  
Comment on attachment 8584293 [details] [diff] [review]
Fix the generate_csd.sh script

Review of attachment 8584293 [details] [diff] [review]:
-----------------------------------------------------------------

See https://bugzilla.mozilla.org/show_bug.cgi?id=1024774#c99. Please coordinate with fitzgen.

        Attachment #8584293 -
        Flags: review?(mmc)

    
    

    
  
Part 0 of fitzgen's patch will add the missing MAC_EXECUTABLE enum value.
Depends on: 1024774

    
    

    
  


  
I probably won't push the script as part of this bug, but I want to keep an updated copy of it.

        Attachment #8584293 -
        Attachment is obsolete: true

    
    

    
  


  
Monica, I'm thinking of landing this now so that it can be in Fx39, and then adding the Mac extensions once fitzgen has updated protobuf. What do you think?
Flags: needinfo?(mmc)

        Attachment #8585293 -
        Flags: review?(mmc)

    
    

    
  

      
      
      
      

        Attached patch
          
          
        Add Mac extensions (obsolete)
        — Splinter Review
      

    


  

    
    

    
  
Comment on attachment 8585293 [details] [diff] [review]
Include the download_type when doing remote lookups

Review of attachment 8585293 [details] [diff] [review]:
-----------------------------------------------------------------

LG, but missing a change to test_app_rep_windows to update the size of the request.

        Attachment #8585293 -
        Flags: review?(mmc)

    
    

    
  
39 is merging today but you can land this before https://bugzilla.mozilla.org/show_bug.cgi?id=1024774 if you want to get it out of your queue. Since you turned on remote lookups for Mac in 39 I think it would make sense to uplift the mac extensions changes to 39.
Flags: needinfo?(mmc)

    
    

    
  


  

        Attachment #8585293 -
        Attachment is obsolete: true

        Attachment #8585294 -
        Attachment is obsolete: true

        Attachment #8586566 -
        Flags: review?(mmc)

    
    

    
  
Comment on attachment 8586566 [details] [diff] [review]
Add download type and mac extensions

Review of attachment 8586566 [details] [diff] [review]:
-----------------------------------------------------------------

Great, thank you.

        Attachment #8586566 -
        Flags: review?(mmc) → review+

    
  

        Attachment #8585277 -
        Attachment description: Small improvements to fitzgen's script → Small improvements to fitzgen's script (DO NOT LAND)

    
  
No longer depends on: 1024774

    
    

    
  
https://hg.mozilla.org/mozilla-central/rev/22b1b2e2f999
Status: ASSIGNED → RESOLVED
Closed: 8 years ago

          status-firefox40:
          --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla40

    
  
QA Contact: mwobensmith

    
    

    
  
Comment on attachment 8586566 [details] [diff] [review]
Add download type and mac extensions

Approval Request Comment
[Feature/regressing bug #]: 1138721
[User impact if declined]: The patch for 1111741 in Fx 39 added safebrowsing download lookups on Mac but without this follow-up patch, the Mac file types aren't checked.
[Describe test coverage new/current, TreeHerder]: https://treeherder.mozilla.org/#/jobs?repo=try&revision=67de6e8b2e7d
[Risks and why]: If Mac remote lookups are broken in 1111741 then this patch will amplify the problem.
[String/UUID change made/needed]: None

        Attachment #8586566 -
        Flags: approval-mozilla-aurora?

    
    

    
  
Comment on attachment 8586566 [details] [diff] [review]
Add download type and mac extensions

Approved for uplift to aurora.

        Attachment #8586566 -
        Flags: approval-mozilla-aurora? → approval-mozilla-aurora+

    
  
Keywords: feature

    
  
Target Milestone: mozilla40 → mozilla39

    
  
Keywords: featurerelnote

    
    

    
  
Release Note Request (optional, but appreciated)
[Why is this notable]: We now submit metadata about downloaded Mac binaries (e.g. .dmg) to the Google detection service
[Suggested wording]: The malware detection service for downloads now covers common Mac extensions
[Links (documentation, blog post, etc)]:

          relnote-firefox:
          --- → ?
Keywords: relnote

    
    

    
  
Changing wording to "file extensions" for clarity

    
    

    
  
"file types", even. "extensions" is the part confusing people.

          You need to log in
          before you can comment on or make changes to this bug.