Closed
Bug 1153428
(nsec-isolation)
Opened 10 years ago
Closed 8 years ago
[META] Tracking bug for Process Isolation implementation of New Security Model
Categories
(Firefox OS Graveyard :: General, defect, P1)
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: jgong, Assigned: kanru)
References
Details
(Whiteboard: [newsecurity])
User Story
This is a V3 initiative for a New Security Model. https://wiki.mozilla.org/FirefoxOS/New_security_model This Meta Bug is for tracking the "Process Isolation" implementation, a sub-component of the bigger New Security Model project. https://wiki.mozilla.org/FirefoxOS/New_security_model#Process_isolation ***** Process Isolation In order to ensure that only signed content can access the APIs that it has been signed for, we want to always use separate child processes to run such content. This means that when a user navigates from an unsigned page to a signed page, that we need to switch which process render the pages. Right now this can only be done by creating a new <iframe mozbrowser>. However only Gecko knows that a particular URL is signed. Gaia could not simply look at a URL to know if it will return signed content or not. And Gecko only knows that it's signed content once response data starts arriving. Even if we add some way for gecko to signal to the <iframe mozbrowser> embedder that a new <iframe mozbrowser> needs to be created, this will make going "back"/"forward" between the two very messy.
This is a V3 initiative for a New Security Model. https://wiki.mozilla.org/FirefoxOS/New_security_model
This Meta Bug is for tracking the "Process Isolation" implementation, a sub-component of the bigger New Security Model project. https://wiki.mozilla.org/FirefoxOS/New_security_model#Process_isolation
|
Reporter | |
Updated•10 years ago
|
User Story: (updated)
No longer depends on: nsec-signing
Summary: [META] Tracking bug for Signing implementation of New Security Model → [META] Tracking bug for Process Isolation implementation of New Security Model
|
|
Reporter | |
Updated•10 years ago
|
Blocks: nsec-installing
|
|
Reporter | |
Updated•10 years ago
|
No longer blocks: nsec-installing
|
|
Reporter | |
Updated•10 years ago
|
Blocks: nsec-signing
|
|
Reporter | |
Updated•10 years ago
|
Blocks: nsec-origins
|
|
Reporter | |
Updated•10 years ago
|
|
|
Reporter | |
Updated•10 years ago
|
|
|
Reporter | |
Updated•10 years ago
|
|
|
Reporter | |
Updated•10 years ago
|
Blocks: nsec-installing
No longer depends on: nsec-installing
|
|
Reporter | |
Updated•10 years ago
|
Blocks: nsec-signing
No longer depends on: nsec-signing
|
|
Reporter | |
Updated•10 years ago
|
Blocks: nsec-verify
No longer depends on: nsec-verify
|
|
Reporter | |
Updated•10 years ago
|
Whiteboard: [NewSecurity] → [newsecurity]
|
|
Reporter | |
Updated•10 years ago
|
Priority: -- → P1
|
||
Updated•9 years ago
|
No longer blocks: nsec-signing
|
|
||
Updated•9 years ago
|
No longer blocks: nsec-verify
|
|
||
Updated•9 years ago
|
Alias: nsec-isolation
No longer depends on: nsec-origins
|
|
||
Updated•9 years ago
|
No longer blocks: nsec-installing
|
|
||
Updated•9 years ago
|
blocking-b2g: --- → 2.5+
|
||
Updated•8 years ago
|
Component: Security → General
Product: Firefox → Firefox OS
|
|
Reporter | |
Updated•8 years ago
|
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•