[meta] COM security hardening in sandboxed content

NEW
Unassigned


Core
Security: Process Sandboxing
2 years ago
5 months ago

People

(Reporter: aklotz, Unassigned)

Tracking

({meta})

Trunk
Unspecified
Windows
Points:
---

Firefox Tracking Flags

(firefox49 affected)

Details

(Reporter)

Description

2 years ago
We do not want sandboxed content to be able to instantiate COM objects. There are ACL rights pertaining to this stuff.

1) The sandbox should deny access to that;
2) The COM runtime should probably not have access to the registry keys that are required to do such things;
3) Content is still calling CoCreateInstance for stuff, so we need to find those instances and remote them;
4) We still need COM to work for a11y and maybe a few other instances where we implement COM servers, though they don't call CoCreateInstance or anything.

Any COM activations that we need to remote should be attached as dependencies to this bug.

Updated

a year ago
Whiteboard: sbwc2 → sbwc3
(Reporter)

Updated

6 months ago
Assignee: aklotz → nobody

Updated

5 months ago
Keywords: meta
Summary: Investigate COM security in sandboxed content → [meta] COM security hardening in sandboxed content
Whiteboard: sbwc3