Closed
Bug 1280943
Opened 8 years ago
Closed 2 years ago
Parent and child HSTS states go out of sync
Categories
(Core :: Security: PSM, defect, P3)
Core
Security: PSM
Tracking
()
RESOLVED
DUPLICATE
of bug 1689191
People
(Reporter: simon.lindholm10, Unassigned)
References
Details
(Whiteboard: [psm-backlog])
DataStorage::Init does the following in child processes:
> InfallibleTArray<DataStorageItem> items; // received from parent
> for (auto& item : items) {
> Entry entry;
> entry.mValue = item.value();
> PutInternal(item.key(), entry, item.type(), lock); // (+error checking)
> }
This causes the entries to get default mScore and mLastAccessed values, instead of the proper ones held only by the parent process, which makes the eviction logic behave differently between parent and child.
For instance, an attacker could evict all cached, non-preloaded HSTS entries from the child by adding a few thousand dummy HSTS entries that occur late in the hash table order. From what I read this this isn't really a security problem, though.
|
||
Updated•8 years ago
|
Priority: -- → P1
Whiteboard: [psm-backlog]
|
|
||
Updated•8 years ago
|
Priority: P1 → P2
|
||
Comment 1•6 years ago
|
||
Moving to p3 because no activity for at least 1 year(s).
See https://github.com/mozilla/bug-handling/blob/master/policy/triage-bugzilla.md#how-do-you-triage for more information
Priority: P2 → P3
|
|
||
Comment 2•2 years ago
|
||
As of bug 1689191, DataStorage is only used in the main process.
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•