Closed
Bug 1322370
Opened 8 years ago
Closed 7 years ago
Disable camera access in the Mac content sandbox
Categories
(Core :: Security: Process Sandboxing, defect)
Tracking
()
RESOLVED
FIXED
mozilla53
People
(Reporter: haik, Assigned: haik)
Details
(Whiteboard: sbmc2)
Attachments
(1 file)
59 bytes,
text/x-review-board-request
|
jimm
:
review+
jcristau
:
approval-mozilla-aurora+
|
Details |
With the fix for bug 1104616 the content process should not need web camera access. This fix is to remove the camera allowance in the Mac sandbox rules. With the "(allow device-camera)" rule removed, try unit tests passed and talky.io appeared to work as before. I'm working on a method to validate that this change does indeed prevent content from accessing the camera.
Assignee | ||
Updated•8 years ago
|
Assignee: nobody → haftandilian
Whiteboard: sbmc2
Assignee | ||
Comment 1•8 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=9a450bf94816adff9f58cccaf2bbad0aa450442f
Assignee | ||
Comment 2•7 years ago
|
||
For validation, I added a test to the work I'm doing (not integrated yet) on bug 1309394 that loads a Mac .dylib file and executes an exported function that returns the number of available cameras. (See the AVFoundation Programming Guide on https://developer.apple.com.) 1 int GetNumberOfCameras(void) { 2 int numCameras = 0; 3 4 NSArray *devices = [AVCaptureDevice devices]; 5 for (AVCaptureDevice *device in devices) { 6 if ([device hasMediaType:AVMediaTypeVideo]) { 7 numCameras++; 8 } 9 } 10 11 return (numCameras); 12 } Without the change to the sandbox policy, the function returns 1 on my MacBook equipped with a front facing camera. With the change to remove camera permission from the sandbox, the function returns 0--no cameras found. I haven't done the plumbing yet to build the dylib for the test execution, but I'm planning to move forward with this fix first.
Comment hidden (mozreview-request) |
Comment 4•7 years ago
|
||
mozreview-review |
Comment on attachment 8820892 [details] Bug 1322370 - Disable camera access in the Mac content sandbox; https://reviewboard.mozilla.org/r/100278/#review101106
Attachment #8820892 -
Flags: review+
Comment hidden (mozreview-request) |
Assignee | ||
Updated•7 years ago
|
Keywords: checkin-needed
Pushed by ihsiao@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/159eb0f5dcae Disable camera access in the Mac content sandbox; r=jimm
Keywords: checkin-needed
Comment 7•7 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/159eb0f5dcae
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla53
Assignee | ||
Comment 8•7 years ago
|
||
Comment on attachment 8820892 [details] Bug 1322370 - Disable camera access in the Mac content sandbox; Approval Request Comment [Feature/Bug causing the regression]: None [User impact if declined]: A compromised content process can access [Is this code covered by automated tests?]: No, but that is being worked on. [Has the fix been verified in Nightly?]: Yes. [Needs manual test from QE? If yes, steps to reproduce]: No [List of other uplifts needed for the feature/fix]: None [Is the change risky?]: Low risk. [Why is the change risky/not risky?]: There are no changes to executable code, just the Mac content sandbox ruleset to remove access to the camera. This leverages work already done to proxy camera access through the parent process. [String changes made/needed]: None
Attachment #8820892 -
Flags: approval-mozilla-aurora?
Assignee | ||
Comment 9•7 years ago
|
||
For testing on Aurora 52, I used the same approach described in comment 2. Try results for Aurora 52: https://treeherder.mozilla.org/#/jobs?repo=try&revision=85f1bede4d2d98e5bf0ac22b601a0d62763d6783
Comment 10•7 years ago
|
||
Comment on attachment 8820892 [details] Bug 1322370 - Disable camera access in the Mac content sandbox; tighten mac content sandbox, aurora52+
Attachment #8820892 -
Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
Comment 11•7 years ago
|
||
bugherder uplift |
https://hg.mozilla.org/releases/mozilla-aurora/rev/9d14fb0994cc
status-firefox52:
--- → fixed
You need to log in
before you can comment on or make changes to this bug.
Description
•