Closed
Bug 1220045
Opened 9 years ago
Closed 8 years ago
Remove permissions from manifest, Nsec package still can use sensitive API
Categories
(Firefox OS Graveyard :: Infrastructure, defect, P2)
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: mlien, Assigned: arroway)
References
Details
[Reproduce Steps]
1. Enable two preferences "network.http.enable-packaged-apps" and "network.http.signed-packages.enabled"
2. Set "network.http.signed-packages.trusted-root" to "http://people.mozilla.org/~mlien/"
3. Navigate to "http://people.mozilla.org/~mlien/recorder_no_permission.pak!//index.html"
[Expected Result]
Cannot use sensitive API
[Actual Result]
Still can use sensitive API
[Build Information]
Build ID 20151030012907
Gaia Revision 91cac94948094cfdcd00cba5c6483e27e80cb3b0
Gaia Date 2015-10-28 20:32:15
Gecko Revision https://hg.mozilla.org/mozilla-central/rev/b41b92c09fcf94d077a54297aea1dc675b161a9d
Gecko Version 45.0a1
Device Name aries
Firmware(Release) 4.4.2
Firmware(Incremental) eng.worker.20151030.004657
Firmware Date Fri Oct 30 00:47:05 UTC 2015
Bootloader s1
[Reproduce Rate]
100%
Reporter | ||
Updated•9 years ago
|
QA Whiteboard: [COM=NSec]
Comment 1•9 years ago
|
||
We should test this bug from the scratch after bug 1178526 is resolved.
Depends on: 1178526
Priority: -- → P1
Reporter | ||
Comment 2•9 years ago
|
||
verify again with the latest build, even bug 1178526 is fixed but package still be able to use sensitive APIs even no permission in manifest
Build Information:
Build ID 20151118043538
Gaia Revision 28d63cf3bdc4417f7ad8cab2230f096bf9f6d3b5
Gaia Date 2015-11-17 07:35:12
Gecko Revision https://hg.mozilla.org/mozilla-central/rev/eb3016abd37db2e6a6d923265047e84b12c0af61
Gecko Version 45.0a1
Device Name aries
Firmware(Release) 4.4.2
Firmware(Incremental) eng.worker.20151118.035413
Firmware Date Wed Nov 18 03:54:21 UTC 2015
Bootloader s1
Comment 3•9 years ago
|
||
This bug is critical. Henry, could you help investigate this bug? Or anyone you can recommend?
Flags: needinfo?(hchang)
Comment 4•9 years ago
|
||
Actually I pointed this bug out like two months ago but just no one to fix it. The cause is we don't remove permissions while registering new ones.
Flags: needinfo?(hchang)
Comment 5•9 years ago
|
||
(In reply to Henry Chang [:henry] from comment #4)
> Actually I pointed this bug out like two months ago but just no one to fix
> it. The cause is we don't remove permissions while registering new ones.
Discussed with Henry offline.
This bug is not really so critical since the reproduction scenario is not a common use case.
(We don't remove privileged permissions from an app/package quite often).
Let us lower the priority of this bug.
Meanwhile, Steph, could you provide a direction on how to resolve this issue?
(Henry told me that you are familiar with this part of codes).
Flags: needinfo?(stephouillon)
Priority: P1 → P2
Comment 6•9 years ago
|
||
audio-capture is allowed for all kinds of apps.
https://dxr.mozilla.org/mozilla-central/source/dom/apps/PermissionsTable.jsm#363
Reporter | ||
Comment 7•9 years ago
|
||
(In reply to Henry Chang [:henry] from comment #6)
> audio-capture is allowed for all kinds of apps.
>
> https://dxr.mozilla.org/mozilla-central/source/dom/apps/PermissionsTable.
> jsm#363
If that means manifest's permission declaration doesn't affect any permission check?
Comment 8•9 years ago
|
||
I don't know what it's suppose to be for web-app-allowed permission :( but I am sure for privileged permission the manifest matters
Comment 9•9 years ago
|
||
I guess the answer is yes for web-app-allowed permission. For example, google maps doesn't have any manifest but it can still have geolocation permission.
Assignee | ||
Updated•9 years ago
|
Assignee: nobody → stephouillon
Flags: needinfo?(stephouillon)
Assignee | ||
Updated•8 years ago
|
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•