Open Bug 1198475 Opened 9 years ago Updated 2 years ago

Mochitest log file opened directly in content process

Tracking

()

Status:

NEW

Tracking Flags:

Tracking

Status

firefox43

---

affected

People

(Reporter: jld, Unassigned)

References

(Blocks 2 open bugs)

Details

(Whiteboard: sb+)

Jed Davis [:jld] ⟨⏰|UTC-7⟩ ⟦he/him⟧

Reporter

Description

•

9 years ago

Mochitests write to a log file opened in the content process after sandbox startup, which is a problem. Worse, the file name is supplied as part of the query string in the content URL, so the parent doesn't directly have access to it in order to whitelist it. For B2G it might be enough to hard-code "/data/local/tests/log/mochitest.log", but a better solution would be to use the message manager to remote the logging to the parent. (Note that test runs have no real security, due to SpecialPowers, but running them with sandboxing configured as close to normally as possible is important for preventing regressions.)

Jim Mathies [:jimm]

Updated

•

9 years ago

Blocks: sb-test

Jim Mathies [:jimm]

Updated

•

9 years ago

Whiteboard: sb+

Jim Mathies [:jimm]

Updated

•

7 years ago

Blocks: sb-log

BMO Automation

Updated

•

2 years ago

Severity: normal → S3

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Mochitest log file opened directly in content process

Categories

(Core :: Security: Process Sandboxing, defect)

Tracking

()

People

(Reporter: jld, Unassigned)

References

(Blocks 2 open bugs)

Details

(Whiteboard: sb+)

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Updated

Updated