Closed
Bug 1151941
Opened 8 years ago
Closed 1 year ago
Windows content sandbox with alternate winstation causes problems for common controls theme support
Categories
(Core :: Security: Process Sandboxing, enhancement, P1)
Tracking
()
RESOLVED
FIXED
98 Branch
| Tracking | Status | |
|---|---|---|
| firefox98 | --- | fixed |
People
(Reporter: bent.mozilla, Assigned: bobowen)
References
Details
(Whiteboard: sb+)
Attachments
(3 files)
screenshot-low.jpg
See screenshots.
|
Reporter | |
Comment 1•8 years ago
|
||
|
|
Reporter | |
Comment 2•8 years ago
|
||
This is an x64 nightly build, on windows 8.1.
|
|
Reporter | |
Comment 3•8 years ago
|
||
And I don't see anything in the browser console log that looks relevant.
|
Assignee | |
Comment 4•8 years ago
|
||
Looks like this was caused by the previous stronger policy that level 1 represented. Not sure which of those previous settings caused the problem, so I'll just change this to block the main content sandbox tightening bug for now.
|
|
Assignee | |
Comment 5•8 years ago
|
||
Looks like this is down to using an alternate desktop.
Summary: Low-integrity processes lose common controls theme support → Windows content sandbox with alternate desktop causes problems for common controls theme support
|
|
Assignee | |
Comment 6•8 years ago
|
||
Hi Gijs, do you have any idea where this styling change gets implemented? I'm struggling to find out why using an alternate desktop is blocking this. Not sure if this is your area, but IIRC you were doing some styling stuff for Windows 10.
Flags: needinfo?(gijskruitbosch+bugs)
|
||
Comment 7•8 years ago
|
||
That looks like widget level code to me... nsNativeTheme and moz-appearance implementations and all that jazz. Jim Mathies would know more than me if you need more details than that.
Flags: needinfo?(gijskruitbosch+bugs) → needinfo?(jmathies)
|
||
Comment 8•8 years ago
|
||
Looks like it's not a failure on individual widgets, more of a general failure. So the cause is going to be somewhere in here: http://mxr.mozilla.org/mozilla-central/source/widget/windows/nsNativeThemeWin.cpp#2592 Might be that pres shell variable set up, or more likely it's in the GetTheme code - http://mxr.mozilla.org/mozilla-central/source/widget/windows/nsUXThemeData.cpp#66 Maybe HWND shouldn't be null here? The docs don't say this is acceptable, but clearly it's working generally. Throw in virtual desktops and who knows.
Flags: needinfo?(jmathies)
|
|
Assignee | |
Comment 9•7 years ago
|
||
This only appears to be a problem when we use an alternate winstation as well as desktop. So we should be able to land the alternate desktop on Nightly. I'll leave this bug for looking into using an alternate winstation.
Summary: Windows content sandbox with alternate desktop causes problems for common controls theme support → Windows content sandbox with alternate winstation causes problems for common controls theme support
|
||
Comment 10•7 years ago
|
||
What is the value in the alternate window station? Does it provide a security boundary? Is there anything that stops a thread from doing SetProcessWindowStation(OpenWindowStation("Winsta0", FALSE, WINSTA_ALL_ACCESS)) ?
If there isn't, I'd say that the point is moot.|
|
||
Updated•7 years ago
|
Whiteboard: sb+
|
||
Comment 11•6 years ago
|
||
The list of "access rights" from https://msdn.microsoft.com/en-us/library/windows/desktop/ms687391(v=vs.85).aspx seems to basically describe the security boundary winstations enforce.
|
|
Assignee | |
Comment 12•6 years ago
|
||
(In reply to Alex Gaynor [:Alex_Gaynor] from comment #11) > The list of "access rights" from > https://msdn.microsoft.com/en-us/library/windows/desktop/ms687391(v=vs.85). > aspx seems to basically describe the security boundary winstations enforce. Those are for access rights generally to do things to/with a particular Windows Station (or Windows Station owner) I think, not necessarily what running in that winstation provides. I think the theming is probably broken because the alternate Windows Station is necessarily a non-interactive one.
|
|
||
Comment 13•6 years ago
|
||
It looks like the primary resources a WinStation has are a clipboard, and an atom table (not sure what this is tbh).
|
|
Assignee | |
Updated•1 year ago
|
Assignee: nobody → bobowencode
Severity: normal → N/A
Status: NEW → ASSIGNED
Type: defect → enhancement
OS: Windows 8.1 → Windows
Priority: -- → P1
|
|
Assignee | |
Comment 14•1 year ago
|
||
|
|
Assignee | |
Comment 15•1 year ago
|
||
|
||
Comment 16•1 year ago
|
||
Pushed by bobowencode@gmail.com: https://hg.mozilla.org/integration/autoland/rev/bba7c74dafae Use an alternate winstation for the content process sandbox. r=cmartin
|
||
Comment 17•1 year ago
|
||
Backed out for causing marionette test failures
Backout link: https://hg.mozilla.org/integration/autoland/rev/3f25345c1002fd20b96788a696827f6dcf1d1886
Log link: https://treeherder.mozilla.org/logviewer?job_id=366342030&repo=autoland&lineNumber=39508
Flags: needinfo?(bobowencode)
|
||
Comment 18•1 year ago
|
||
|
||
Comment 19•1 year ago
|
||
[Remote] failure log: https://treeherder.mozilla.org/logviewer?job_id=366351135&repo=autoland
|
|
||
Comment 20•1 year ago
|
||
Pushed by bobowencode@gmail.com: https://hg.mozilla.org/integration/autoland/rev/13bebbfea591 Use an alternate winstation for the content process sandbox. r=cmartin
|
||
Comment 21•1 year ago
|
||
| bugherder | ||
Status: ASSIGNED → RESOLVED
Closed: 1 year ago
status-firefox98:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 98 Branch
|
|
Assignee | |
Updated•1 year ago
|
Flags: needinfo?(bobowencode)
You need to log in
before you can comment on or make changes to this bug.
Description
•