Closed Bug 1363179 Opened 8 years ago Closed 8 years ago

[mac] blacklist read access to /Volumes at level 3

Categories

(Core :: Security: Process Sandboxing, enhancement)

Product:
Core
Component:
Security: Process Sandboxing
Platform:
All
macOS
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla55
Tracking Flags:
Tracking Status
firefox55 --- fixed

People

(Reporter: Alex_Gaynor, Assigned: Alex_Gaynor)

References

Details

(Whiteboard: sbmc2)

Attachments

(1 file)

Bug 1363179 - do not allow content processes to read from /Volumes on macOS
59 bytes, text/x-review-board-request
haik
: review+
Details
I don't think this can be used to access `/Users` or anything, since `/Volumes/Macintosh HD` is a symlink to `/`, but it could be used to access anything on an external HDD or USB drive.
Whiteboard: sbmc2
Comment on attachment 8867339 [details] Bug 1363179 - do not allow content processes to read from /Volumes on macOS https://reviewboard.mozilla.org/r/138860/#review142206
Attachment #8867339 - Flags: review?(haftandilian) → review+
Keywords: checkin-needed
Assignee: nobody → agaynor
Pushed by ryanvm@gmail.com: https://hg.mozilla.org/integration/autoland/rev/02f1025c91f8 do not allow content processes to read from /Volumes on macOS r=haik
Keywords: checkin-needed
https://hg.mozilla.org/mozilla-central/rev/02f1025c91f8
Status: NEW → RESOLVED
Closed: 8 years ago
status-firefox55: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla55
See Also: → 1367560
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: