Closed
Bug 131025
Opened 22 years ago
Closed 22 years ago
Remove "trusted codebase" mechanism
Categories
(Core :: Security, defect)
Core
Security
Tracking
()
VERIFIED
FIXED
mozilla1.0
People
(Reporter: security-bugs, Assigned: security-bugs)
Details
Attachments
(1 file, 1 obsolete file)
30.86 KB,
patch
|
security-bugs
:
review+
security-bugs
:
superreview+
asa
:
approval+
|
Details | Diff | Splinter Review |
In November I added a mechanism for allowing unsigned content to enable privileges without enabling codebase principals generally. This isn't really a safe thing to do - it means we're trusting DNS to verify the identity of a remote site, and DNS isn't meant to be a secure verification of identity. This feature was checked in as a temporary measure, and I'd like to remove it now so as to encourace the use of more secure methods (signed scripts).
Assignee | ||
Updated•22 years ago
|
Status: NEW → ASSIGNED
Target Milestone: --- → mozilla1.0
Assignee | ||
Comment 1•22 years ago
|
||
Here's a fix for this bug, and these others: 128861, 131342, 131340, 128697.
Comment 2•22 years ago
|
||
replace |new PLDHashTable()| with PL_NewHashTable() and call PL_DHashTableDestroy() to destroy a pldhash in stead of deleting it. + if (myScheme.Equals("http")) + defaultPort = 80; What about "https"? +NS_NAMED_LITERAL_CSTRING(sPolicyPrefix, "capability.policy."); Make this static. With that, sr=jst
Comment on attachment 74465 [details] [diff] [review] Patch - also includes some other fixes >@@ -403,6 +408,7 @@ > PRBool mIsWritingPrefs; > nsCOMPtr<nsIThreadJSContextStack> mJSContextStack; > PRBool mNameSetRegistered; >+ PRBool mPolicyPrefsChanged; > }; Can you replace PRBool with PRPackedBool? >+ nsCOMPtr<nsIURI> myBaseURI(mURI); >+ while((jarURI = do_QueryInterface(myBaseURI))) >+ { >+ jarURI->GetJARFile(getter_AddRefs(myBaseURI)); >+ } Are you sure myBaseURI will always be a valid memory? If yes then please add a comment supporting that. >+ nsCOMPtr<nsIIOService> ioService( >+ do_GetService(NS_IOSERVICE_CONTRACTID)); >+ if (!ioService) >+ return rv; What is rv here? Shouldn't this be do_GetService(NS_IOSERVICE_CONTRACTID, &rv)); or something like that?
>+ else if (otherScheme.Equals("imap") || >+ otherScheme.Equals("mailbox") || >+ otherScheme.Equals("news")) Correct the indendation.
Assignee | ||
Comment 5•22 years ago
|
||
This incorporates the above comments.
Attachment #74465 -
Attachment is obsolete: true
Assignee | ||
Comment 6•22 years ago
|
||
Comment on attachment 74865 [details] [diff] [review] Patch 2, with changes With those changes, I'm going to assume I have r and sr.
Attachment #74865 -
Flags: superreview+
Attachment #74865 -
Flags: review+
Comment 7•22 years ago
|
||
Comment on attachment 74865 [details] [diff] [review] Patch 2, with changes a=asa (on behalf of drivers) for checkin to the 1.0 trunk
Attachment #74865 -
Flags: approval+
Assignee | ||
Comment 8•22 years ago
|
||
Checked in on trunk. Would like to check this into the 0.9.9 branch too.
Whiteboard: needs review and a= → fixed on trunk, need 0.9.9
Assignee | ||
Comment 9•22 years ago
|
||
Never mind, fix for 0.9.9 is not needed. Marking fixed.
Status: ASSIGNED → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
Whiteboard: fixed on trunk, need 0.9.9
Comment 10•22 years ago
|
||
Marking verified as per above developer comments.
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•