Open Bug 1257098 Opened 8 years ago Updated 2 years ago

No sandboxing support in xpcshell

Categories

(Core :: Security: Process Sandboxing, defect, P2)

Unspecified
All
defect

Tracking

Tracking Status
firefox48 --- affected

People

(Reporter: bugzilla, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: sb+)

Working on bug 1256541, I see a few problems that I think are going to hurt testability of sandboxing in the long run, especially as sandboxing affects more and more code:

1) xpcshell tests involving content processes do not run with sandboxing enabled. There are no prefs set for it and startup/teardown code is not present;

2) The new NS_APP_CONTENT_PROCESS_TEMP_DIR is not available outside Firefox. During review, bsmedberg was somewhat uncomfortable with the fact that we initialize that directory in a different place from where we retrieve it. I propose that we create a new directory provider specifically for sandboxing to handle this stuff. While we're at it, we should remove the directory creation and deletion I/O operations from the main thread.
Whiteboard: [sb?] → sb+
Flags: needinfo?(aklotz)
We run a lot of tests in child processes from xpcshell.

In addition to the two crashreporter tests, I see 68 occurrences of a JS file being run in a content process from xpcshell, across several distinct components.

https://dxr.mozilla.org/mozilla-central/search?tree=mozilla-central&q=run_test_in_child&redirect=true
Flags: needinfo?(aklotz)
Blocks: sb-test
OS: Unspecified → All
Priority: -- → P2
See Also: → 1622855
Severity: normal → S3