Closed Bug 1167098 Opened 6 years ago Closed 4 years ago

IPC change for the new FirefoxOS security model

Categories

(Core :: DOM: Content Processes, defect, P2)

defect

Tracking

()

RESOLVED WONTFIX
FxOS-S8 (02Oct)
Tracking Status
firefox41 --- affected

People

(Reporter: allstars.chh, Unassigned)

References

Details

Quote from Jonas:

What this is about is to get rid of essentially all of the
AssertApp* functions from [1] and just keep AssertAppPrincipal (which
is poorly named) and CheckPermission.

Any time a sensitive API in the child process sends a message to the
parent process, it should send along the nsIPrincipal of the page that
called the API.

In the parent process we should then take that nsIPrincipal and call
AssertAppPrincipal to make sure that the child process didn't lie
about the nsIPrincipal.

Then we can call any normal APIs to check if a page with the given
nsIPrincipal. For example we can get the app type directly from the
nsIPrincipal, or we can call the nsIPermissionManager if the given
principal has some specific permission.

[1] http://mxr.mozilla.org/mozilla-central/source/dom/ipc/AppProcessChecker.h
Summary: IPC change for the FirefoxOS new security model → IPC change for the new FirefoxOS security model
Component: IPC → DOM: Content Processes
No longer depends on: 1191740
Priority: -- → P2
Target Milestone: --- → FxOS-S8 (02Oct)
Assignee: nobody → ptheriault
Status: NEW → ASSIGNED
Assignee: ptheriault → nobody
Status: ASSIGNED → NEW
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.