Closed Bug 1258844 Opened 7 years ago Closed 7 years ago

Exploratory work: COM RPC to sandboxed process


(Core :: Disability Access APIs, defect)

Not set



Tracking Status
firefox48 --- affected


(Reporter: bugzilla, Assigned: bugzilla)


(Blocks 1 open bug)


I'm creating this bug as a container to hold the information that I am researching to determine the feasibility of the design that I have in mind.

In order for a11y clients to communicate directly with content, COM over RPC must be able to successfully connect to a sandboxed process.

I have resurrected a test sandbox that I had written three years ago for GMP sandboxing research as a testbed for trying out these ideas.

The comtest program that is built in that project implements a simple COM interface. That interface is proxied and serialized in the sandbox and then passed via shared memory into the parent process, which deserializes the proxy and then uses the proxy to successfully call a function on that test interface.

The main caveat is that the DLL that contains the CLSID who is responsible for proxy and stub functionality must be available to the sandbox, either via ACLs on the DLL or by punching a hole in the sandbox to allow it.
You may already be aware, but just in case here's a section explaining why clients such as NVDA like to do things in-process in Firefox, to give users an acceptable user experience:
Ooh, thanks for the reference, Marco!

My goal is to make this implementation so good that no more alternatives will be necessary. :-)
I just updated comtest to use a stubbed-out IAccessible instead of ITest. That worked as well.

I also learned that the proxy/stub marshaling for IAccessible resides in oleaut32.dll.
I'm marking this as resolved; I think that I've learned everything that I need to know for the time being.
Closed: 7 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.