Closed
Bug 1385712
Opened 6 years ago
Closed 6 years ago
Greasemonkey broken with content process sandboxing (number 2 and higher)
Categories
(Core :: Security: Process Sandboxing, defect, P1)
Tracking
()
RESOLVED
DUPLICATE
of bug 1385891
People
(Reporter: janekptacijarabaci, Unassigned)
References
Details
(Whiteboard: sb+)
User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:45.9) Gecko/20100101 Goanna/3.2 Firefox/45.9 PaleMoon/27.4.0 Build ID: 20170710132621 Steps to reproduce: On Linux ([default] "security.sandbox.content.level" = "3"), click the icon of Greasemonkey, throws an error in Browser Console: ******************************************************************************** TypeError: el is null emptyEl.js:4:10 ******************************************************************************** Last good: Firefox 56.0a1 (2017-07-25) Built from https://hg.mozilla.org/mozilla-central/rev/131e19a573e901fb4d01b471b11b7916420b9fee First bad: Firefox 56.0a1 (2017-07-26) Built from https://hg.mozilla.org/mozilla-central/rev/e8400551c2e39f24c75a009ebed496c7acd7bf47 Pushlog https://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=131e19a573e901fb4d01b471b11b7916420b9fee&tochange=e8400551c2e39f24c75a009ebed496c7acd7bf47 Ad: https://github.com/greasemonkey/greasemonkey/blob/3.11/content/browser.js#L288 "mm" == "[object ChromeMessageSender]", but this callbacks: https://github.com/greasemonkey/greasemonkey/blob/3.11/modules/processScript.js#L16 (https://github.com/greasemonkey/greasemonkey/blob/3.11/modules/processScript.js#L30) https://github.com/greasemonkey/greasemonkey/blob/3.11/content/browser.js#L294 does not work (it never gets inside). Bug 1382329 is the suspect (maybe). But I cannot simulate it with Scratchpad (this is probably the one content (?)), e.g. (this message ("I am here!") appears in the console log): ******************************************************************************** let messageName = "greasemonkey:message"; function framescript() { let messageName = "greasemonkey:message"; this.addMessageListener(messageName, any); function any(aMessage) { let consoleService = Components.classes["@mozilla.org/consoleservice;1"] .getService(Components.interfaces.nsIConsoleService); consoleService.logStringMessage("I am here!"); } } let globalMessageManager = Components.classes["@mozilla.org/globalmessagemanager;1"] .getService(Components.interfaces.nsIMessageListenerManager); globalMessageManager.loadFrameScript( "data:text/javascript,(" + framescript.toString() + ")();", false); var mm = getBrowser().mCurrentBrowser.frameLoader.messageManager; mm.sendAsyncMessage(messageName, {}); ******************************************************************************** Temporary fix: "security.sandbox.content.level" = "1" ******************************************************************************** See also: https://github.com/greasemonkey/greasemonkey/issues/2533 (https://github.com/greasemonkey/greasemonkey/issues/2533#issuecomment-318616158) ******************************************************************************** On Windows I don't see this problem. ******************************************************************************** Thank you in advance for a fix.
Reporter | ||
Updated•6 years ago
|
OS: Unspecified → Linux
Hardware: Unspecified → x86_64
Reporter | ||
Updated•6 years ago
|
Reporter | ||
Updated•6 years ago
|
Comment 1•6 years ago
|
||
This looks to be because the linux read restrictions don't currently whitelist $PROFILE/extensions, as is done on macOS and Windows.
Comment 2•6 years ago
|
||
This is probably fixed by bug 1385891.
Comment 3•6 years ago
|
||
Reporter, can you confirm this is working again in current Nightly?
Flags: needinfo?(janekptacijarabaci)
Reporter | ||
Comment 4•6 years ago
|
||
I'm sorry but the problem persists. Both problems (respectively), i.e.: NS_ERROR_FILE_ACCESS_DENIED: Component returned failure code: 0x80520015 (NS_ERROR_FILE_ACCESS_DENIED) [nsIStringBundle.GetStringFromName] sandbox.js: Cc["@mozilla.org/intl/stringbundle;1"] .getService(Ci.nsIStringBundleService) .createBundle("chrome://greasemonkey/locale/greasemonkey.properties") .GetStringFromName("[a string]");
Flags: needinfo?(janekptacijarabaci)
Comment 5•6 years ago
|
||
My fault, I messed up the fix for bug 1385891.
![]() |
||
Updated•6 years ago
|
Priority: -- → P1
Whiteboard: sb+
Reporter | ||
Comment 6•6 years ago
|
||
Confirmed (Firefox Nightly 57.0a1 (2017-08-08)). I propose to close it.
Comment 7•6 years ago
|
||
Alright, I'll dupe it to the bug that caused it.
Status: UNCONFIRMED → RESOLVED
Closed: 6 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•