Closed
Bug 1220045
Opened 9 years ago
Closed 7 years ago
Remove permissions from manifest, Nsec package still can use sensitive API
Categories
(Firefox OS Graveyard :: Infrastructure, defect, P2)
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: mlien, Assigned: arroway)
References
Details
[Reproduce Steps] 1. Enable two preferences "network.http.enable-packaged-apps" and "network.http.signed-packages.enabled" 2. Set "network.http.signed-packages.trusted-root" to "http://people.mozilla.org/~mlien/" 3. Navigate to "http://people.mozilla.org/~mlien/recorder_no_permission.pak!//index.html" [Expected Result] Cannot use sensitive API [Actual Result] Still can use sensitive API [Build Information] Build ID 20151030012907 Gaia Revision 91cac94948094cfdcd00cba5c6483e27e80cb3b0 Gaia Date 2015-10-28 20:32:15 Gecko Revision https://hg.mozilla.org/mozilla-central/rev/b41b92c09fcf94d077a54297aea1dc675b161a9d Gecko Version 45.0a1 Device Name aries Firmware(Release) 4.4.2 Firmware(Incremental) eng.worker.20151030.004657 Firmware Date Fri Oct 30 00:47:05 UTC 2015 Bootloader s1 [Reproduce Rate] 100%
Reporter | ||
Updated•9 years ago
|
QA Whiteboard: [COM=NSec]
Comment 1•9 years ago
|
||
We should test this bug from the scratch after bug 1178526 is resolved.
Depends on: 1178526
Priority: -- → P1
Reporter | ||
Comment 2•9 years ago
|
||
verify again with the latest build, even bug 1178526 is fixed but package still be able to use sensitive APIs even no permission in manifest Build Information: Build ID 20151118043538 Gaia Revision 28d63cf3bdc4417f7ad8cab2230f096bf9f6d3b5 Gaia Date 2015-11-17 07:35:12 Gecko Revision https://hg.mozilla.org/mozilla-central/rev/eb3016abd37db2e6a6d923265047e84b12c0af61 Gecko Version 45.0a1 Device Name aries Firmware(Release) 4.4.2 Firmware(Incremental) eng.worker.20151118.035413 Firmware Date Wed Nov 18 03:54:21 UTC 2015 Bootloader s1
Comment 3•9 years ago
|
||
This bug is critical. Henry, could you help investigate this bug? Or anyone you can recommend?
Flags: needinfo?(hchang)
Comment 4•9 years ago
|
||
Actually I pointed this bug out like two months ago but just no one to fix it. The cause is we don't remove permissions while registering new ones.
Flags: needinfo?(hchang)
Comment 5•9 years ago
|
||
(In reply to Henry Chang [:henry] from comment #4) > Actually I pointed this bug out like two months ago but just no one to fix > it. The cause is we don't remove permissions while registering new ones. Discussed with Henry offline. This bug is not really so critical since the reproduction scenario is not a common use case. (We don't remove privileged permissions from an app/package quite often). Let us lower the priority of this bug. Meanwhile, Steph, could you provide a direction on how to resolve this issue? (Henry told me that you are familiar with this part of codes).
Flags: needinfo?(stephouillon)
Priority: P1 → P2
Comment 6•9 years ago
|
||
audio-capture is allowed for all kinds of apps. https://dxr.mozilla.org/mozilla-central/source/dom/apps/PermissionsTable.jsm#363
Reporter | ||
Comment 7•9 years ago
|
||
(In reply to Henry Chang [:henry] from comment #6) > audio-capture is allowed for all kinds of apps. > > https://dxr.mozilla.org/mozilla-central/source/dom/apps/PermissionsTable. > jsm#363 If that means manifest's permission declaration doesn't affect any permission check?
Comment 8•9 years ago
|
||
I don't know what it's suppose to be for web-app-allowed permission :( but I am sure for privileged permission the manifest matters
Comment 9•9 years ago
|
||
I guess the answer is yes for web-app-allowed permission. For example, google maps doesn't have any manifest but it can still have geolocation permission.
Assignee | ||
Updated•9 years ago
|
Assignee: nobody → stephouillon
Flags: needinfo?(stephouillon)
Assignee | ||
Updated•7 years ago
|
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•