Closed Bug 1360556 Opened 8 years ago Closed 8 years ago

[mac] Restrict read-access to temporary files directory to only _our_ temporary files

Categories

(Core :: Security: Process Sandboxing, enhancement)

Product:

Component:

Platform:

All

macOS

Type:

enhancement

Priority:

Not set

Severity:

normal

Tracking

()

Status:

RESOLVED DUPLICATE of bug 1360356

People

(Reporter: Alex_Gaynor, Unassigned)

References

(Blocks 1 open bug)

Details

Alex Gaynor [:Alex_Gaynor]

Reporter

Description

•

8 years ago

Bug 1201935 added access to _all_ application's temporary items: https://dxr.mozilla.org/mozilla-central/source/security/sandbox/mac/SandboxPolicies.h?q=Library%2FCaches%2FTemporaryItems&redirect_type=single#320-322 Based on the description in that issue, it looks like that should have been superceded by the app-specific temporary directory access we allow here: https://dxr.mozilla.org/mozilla-central/source/security/sandbox/mac/SandboxPolicies.h?q=Library%2FCaches%2FTemporaryItems&redirect_type=single#324-328 In the event that old-style addons really needs all temporary directories, this will have to wait until support for them is dropped (57? 58? I'm not good at the numbers yet)

Alex Gaynor [:Alex_Gaynor]

Reporter

Updated

•

8 years ago

Status: NEW → RESOLVED

Closed: 8 years ago

Resolution: --- → DUPLICATE

You need to log in before you can comment on or make changes to this bug.