Closed Bug 1319881 Opened 4 years ago Closed 3 months ago

Remove UsingNeckoIPCSecurity

Categories

(Core :: Networking, defect, P3)

defect

Tracking

()

RESOLVED FIXED
mozilla77
Tracking Status
firefox77 --- fixed

People

(Reporter: billm, Assigned: samo.golez)

References

Details

(Whiteboard: [necko-next])

Attachments

(1 file, 1 obsolete file)

Currently UsingNeckoIPCSecurity is false or not used on all our tier-1 platforms. This flag makes check that, for example, a content process that's only used for private browsing doesn't access your non-private browsing cookies.

Since the flag is disabled, the code that checks it is pretty much dead (GetValidatedOriginAttributes for example). I think we probably want to be able to enable UsingNeckoIPCSecurity at some point. However, we've seen that it causes crashes even when it's only partially enabled (bug 1317611 and bug 1289001). So if we want to turn it on we'll have to resolve those.

I think we'll need to turn this flag on if we're serious about sandboxing content processes. But it's going to take a bit of investment to make it work.
Whiteboard: [necko-next]
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: -- → P2
Moving to p3 because no activity for at least 1 year(s).
See https://github.com/mozilla/bug-handling/blob/master/policy/triage-bugzilla.md#how-do-you-triage for more information
Priority: P2 → P3

As stated in https://phabricator.services.mozilla.com/D71468#inline-419975 this will be follow-up bug for https://bugzilla.mozilla.org/show_bug.cgi?id=1322254 as UsingNeckoIPCSecurity has now constant value.

Assignee: nobody → samo.golez
Status: NEW → ASSIGNED
Summary: Figure out what to do about UsingNeckoIPCSecurity → Remove UsingNeckoIPCSecurity
Attachment #9143159 - Attachment is obsolete: true
Pushed by valentin.gosu@gmail.com:
https://hg.mozilla.org/integration/autoland/rev/62baa75c6241
Remove UsingNeckoIPCSecurity r=valentin,necko-reviewers
Status: ASSIGNED → RESOLVED
Closed: 3 months ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla77
You need to log in before you can comment on or make changes to this bug.