Closed
Bug 1138721
Opened 9 years ago
Closed 9 years ago
Application reputation should check mac file extensions
Categories
(Core :: DOM: Security, defect)
Tracking
()
RESOLVED
FIXED
mozilla39
People
(Reporter: mmc, Assigned: francois)
References
(Blocks 1 open bug)
Details
Attachments
(2 files, 3 obsolete files)
2.01 KB,
patch
|
Details | Diff | Splinter Review | |
11.61 KB,
patch
|
mmc
:
review+
lizzard
:
approval-mozilla-aurora+
|
Details | Diff | Splinter Review |
file.MatchesExtension(FILE_PATH_LITERAL(".dmg")) || file.MatchesExtension(FILE_PATH_LITERAL(".pkg")) || file.MatchesExtension(FILE_PATH_LITERAL(".osx")) || file.MatchesExtension(FILE_PATH_LITERAL(".app")) || These are new since application reputation was written.
Reporter | ||
Updated•9 years ago
|
Blocks: downloadprotection
Reporter | ||
Comment 1•9 years ago
|
||
https://code.google.com/p/chromium/codesearch#chromium/src/chrome/common/safe_browsing/download_protection_util.cc
Assignee | ||
Comment 2•9 years ago
|
||
Reporter | ||
Comment 3•9 years ago
|
||
Comment on attachment 8584293 [details] [diff] [review] Fix the generate_csd.sh script Review of attachment 8584293 [details] [diff] [review]: ----------------------------------------------------------------- See https://bugzilla.mozilla.org/show_bug.cgi?id=1024774#c99. Please coordinate with fitzgen.
Attachment #8584293 -
Flags: review?(mmc)
Assignee | ||
Comment 4•9 years ago
|
||
Part 0 of fitzgen's patch will add the missing MAC_EXECUTABLE enum value.
Depends on: 1024774
Assignee | ||
Comment 5•9 years ago
|
||
I probably won't push the script as part of this bug, but I want to keep an updated copy of it.
Attachment #8584293 -
Attachment is obsolete: true
Assignee | ||
Comment 6•9 years ago
|
||
Monica, I'm thinking of landing this now so that it can be in Fx39, and then adding the Mac extensions once fitzgen has updated protobuf. What do you think?
Flags: needinfo?(mmc)
Attachment #8585293 -
Flags: review?(mmc)
Assignee | ||
Comment 7•9 years ago
|
||
Reporter | ||
Comment 8•9 years ago
|
||
Comment on attachment 8585293 [details] [diff] [review] Include the download_type when doing remote lookups Review of attachment 8585293 [details] [diff] [review]: ----------------------------------------------------------------- LG, but missing a change to test_app_rep_windows to update the size of the request.
Attachment #8585293 -
Flags: review?(mmc)
Reporter | ||
Comment 9•9 years ago
|
||
39 is merging today but you can land this before https://bugzilla.mozilla.org/show_bug.cgi?id=1024774 if you want to get it out of your queue. Since you turned on remote lookups for Mac in 39 I think it would make sense to uplift the mac extensions changes to 39.
Flags: needinfo?(mmc)
Assignee | ||
Comment 10•9 years ago
|
||
Attachment #8585293 -
Attachment is obsolete: true
Attachment #8585294 -
Attachment is obsolete: true
Attachment #8586566 -
Flags: review?(mmc)
Reporter | ||
Comment 11•9 years ago
|
||
Comment on attachment 8586566 [details] [diff] [review] Add download type and mac extensions Review of attachment 8586566 [details] [diff] [review]: ----------------------------------------------------------------- Great, thank you.
Attachment #8586566 -
Flags: review?(mmc) → review+
Assignee | ||
Updated•9 years ago
|
Attachment #8585277 -
Attachment description: Small improvements to fitzgen's script → Small improvements to fitzgen's script (DO NOT LAND)
Assignee | ||
Comment 12•9 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=c463721f7e8d
Keywords: checkin-needed
Comment 13•9 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/22b1b2e2f999
Flags: in-testsuite+
Keywords: checkin-needed
Comment 14•9 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/22b1b2e2f999
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
status-firefox40:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla40
Assignee | ||
Updated•9 years ago
|
QA Contact: mwobensmith
Assignee | ||
Comment 15•9 years ago
|
||
Comment on attachment 8586566 [details] [diff] [review] Add download type and mac extensions Approval Request Comment [Feature/regressing bug #]: 1138721 [User impact if declined]: The patch for 1111741 in Fx 39 added safebrowsing download lookups on Mac but without this follow-up patch, the Mac file types aren't checked. [Describe test coverage new/current, TreeHerder]: https://treeherder.mozilla.org/#/jobs?repo=try&revision=67de6e8b2e7d [Risks and why]: If Mac remote lookups are broken in 1111741 then this patch will amplify the problem. [String/UUID change made/needed]: None
Attachment #8586566 -
Flags: approval-mozilla-aurora?
Comment 16•9 years ago
|
||
Comment on attachment 8586566 [details] [diff] [review] Add download type and mac extensions Approved for uplift to aurora.
Attachment #8586566 -
Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
Comment 17•9 years ago
|
||
https://hg.mozilla.org/releases/mozilla-aurora/rev/1889221f5491
status-firefox39:
--- → fixed
Assignee | ||
Updated•9 years ago
|
Target Milestone: mozilla40 → mozilla39
Assignee | ||
Updated•9 years ago
|
Assignee | ||
Comment 18•9 years ago
|
||
Release Note Request (optional, but appreciated) [Why is this notable]: We now submit metadata about downloaded Mac binaries (e.g. .dmg) to the Google detection service [Suggested wording]: The malware detection service for downloads now covers common Mac extensions [Links (documentation, blog post, etc)]:
relnote-firefox:
--- → ?
Keywords: relnote
Updated•9 years ago
|
Comment 19•9 years ago
|
||
Changing wording to "file extensions" for clarity
Comment 20•9 years ago
|
||
"file types", even. "extensions" is the part confusing people.
You need to log in
before you can comment on or make changes to this bug.
Description
•