Closed
Bug 1421018
Opened 7 years ago
Closed 7 years ago
Block TBNotifier.exe from accessing accessible services
Categories
(Core :: Disability Access APIs, enhancement)
Core
Disability Access APIs
Tracking
()
RESOLVED
FIXED
mozilla59
| Tracking | Status | |
|---|---|---|
| firefox59 | --- | fixed |
People
(Reporter: jimm, Assigned: eeejay)
References
Details
Attachments
(1 file, 1 obsolete file)
David and I agree, this is basically malware and is unwanted. We can block access to this client.
|
Reporter | |
Comment 1•7 years ago
|
||
Things we need to do here:
1) Since the blocklist code for exe checking isn't implemented yet, we'll need to add it. This shouldn't be a lot of work, we're just talking about walking over a list of strings and doing some safe string comparing.
There's a place holder for the check [1] in the code currently. We need a new static exe list in addition to the existing dll list [2], and we need to walk over that list and check it against the a11y instantiator we detect, which we have as a nsIFile [3].
I would also suggest adding a new environment variable for disabling the exe check, similar to the dll module check. We might want to rename the existing env variable [4] to something more appropriate. I think it might be useful to have switches for both block lists features.
[1] https://searchfox.org/mozilla-central/rev/7f45cb7cc0229398fc99849bdc150cb6462d6966/accessible/windows/msaa/LazyInstantiator.cpp#295
[2] https://searchfox.org/mozilla-central/rev/7f45cb7cc0229398fc99849bdc150cb6462d6966/accessible/windows/msaa/LazyInstantiator.cpp#231
[3] https://searchfox.org/mozilla-central/rev/7f45cb7cc0229398fc99849bdc150cb6462d6966/accessible/windows/msaa/LazyInstantiator.cpp#287
[4] https://searchfox.org/mozilla-central/rev/7f45cb7cc0229398fc99849bdc150cb6462d6966/accessible/windows/msaa/LazyInstantiator.cpp#248
|
Assignee | |
Updated•7 years ago
|
Assignee: nobody → eitan
|
|
Assignee | |
Comment 2•7 years ago
|
||
(In reply to Jim Mathies [:jimm] from comment #1)
> I would also suggest adding a new environment variable for disabling the exe
> check, similar to the dll module check. We might want to rename the existing
> env variable [4] to something more appropriate. I think it might be useful
> to have switches for both block lists features.
>
Why wouldn't you want both block lists to use the same env variable? Is there a case when you want to block remote but not local or vice versa?
|
|
Assignee | |
Updated•7 years ago
|
Flags: needinfo?(jmathies)
|
|
Assignee | |
Comment 3•7 years ago
|
||
I used the same environment variable name for both. I can change that if you think having them be distinct is useful. Couldn't install ask.com notifier, but I tested on inspect.exe and it works.
Attachment #8933825 -
Flags: review?(jmathies)
|
|
Assignee | |
Comment 4•7 years ago
|
||
I guess a needinfo too is excessive.. sorry for the spam.
Flags: needinfo?(jmathies)
|
|
Reporter | |
Comment 5•7 years ago
|
||
Comment on attachment 8933825 [details] [diff] [review]
Create accessible client blocklist and add TBNNotifier.exe. r?jimm
Review of attachment 8933825 [details] [diff] [review]:
-----------------------------------------------------------------
FYI I'm fine with just one env flag for the whole thing.
::: accessible/windows/msaa/LazyInstantiator.cpp
@@ +302,5 @@
> + nsresult rv;
> + if (!PR_GetEnv("MOZ_DISABLE_ACCESSIBLE_BLOCKLIST")) {
> + // Debugging option is not present, so check blocklist.
> + nsAutoString leafName;
> + rv = clientExe->GetLeafName(leafName);
is this retrieving the exe name or a directory name?
Attachment #8933825 -
Flags: review?(jmathies) → review+
|
|
Assignee | |
Comment 6•7 years ago
|
||
(In reply to Jim Mathies [:jimm] from comment #5)
> Comment on attachment 8933825 [details] [diff] [review]
> Create accessible client blocklist and add TBNNotifier.exe. r?jimm
>
> Review of attachment 8933825 [details] [diff] [review]:
> -----------------------------------------------------------------
>
> FYI I'm fine with just one env flag for the whole thing.
>
> ::: accessible/windows/msaa/LazyInstantiator.cpp
> @@ +302,5 @@
> > + nsresult rv;
> > + if (!PR_GetEnv("MOZ_DISABLE_ACCESSIBLE_BLOCKLIST")) {
> > + // Debugging option is not present, so check blocklist.
> > + nsAutoString leafName;
> > + rv = clientExe->GetLeafName(leafName);
>
> is this retrieving the exe name or a directory name?
The exe name. That's what we want. Right?
|
|
Reporter | |
Comment 7•7 years ago
|
||
(In reply to Eitan Isaacson [:eeejay] from comment #6)
> (In reply to Jim Mathies [:jimm] from comment #5)
> > Comment on attachment 8933825 [details] [diff] [review]
> > Create accessible client blocklist and add TBNNotifier.exe. r?jimm
> >
> > Review of attachment 8933825 [details] [diff] [review]:
> > -----------------------------------------------------------------
> >
> > FYI I'm fine with just one env flag for the whole thing.
> >
> > ::: accessible/windows/msaa/LazyInstantiator.cpp
> > @@ +302,5 @@
> > > + nsresult rv;
> > > + if (!PR_GetEnv("MOZ_DISABLE_ACCESSIBLE_BLOCKLIST")) {
> > > + // Debugging option is not present, so check blocklist.
> > > + nsAutoString leafName;
> > > + rv = clientExe->GetLeafName(leafName);
> >
> > is this retrieving the exe name or a directory name?
>
> The exe name. That's what we want. Right?
yep!
|
|
Reporter | |
Comment 8•7 years ago
|
||
Comment on attachment 8933825 [details] [diff] [review]
Create accessible client blocklist and add TBNNotifier.exe. r?jimm
Review of attachment 8933825 [details] [diff] [review]:
-----------------------------------------------------------------
::: accessible/windows/msaa/LazyInstantiator.cpp
@@ +239,5 @@
> +/**
> + * This is the blocklist for known "bad" remote clients that instantiate a11y.
> + */
> +static const char* gBlockedRemoteClients[] = {
> + "TBNNotifier.exe" // Ask.com Toolbar, bug 1421018
All of our existing blocklists use lower case, you should follow that here as well.
|
|
Assignee | |
Comment 9•7 years ago
|
||
|
|
Assignee | |
Updated•7 years ago
|
Attachment #8933825 -
Attachment is obsolete: true
|
|
Assignee | |
Updated•7 years ago
|
Keywords: checkin-needed
|
|
Assignee | |
Comment 10•7 years ago
|
||
(In reply to Jim Mathies [:jimm] from comment #8)
> All of our existing blocklists use lower case, you should follow that here
> as well.
Done!
|
||
Comment 11•7 years ago
|
||
Pushed by ryanvm@gmail.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/cda85f961db4
Create accessible client blocklist and add TBNNotifier.exe. r=jimm
Keywords: checkin-needed
|
||
Comment 12•7 years ago
|
||
| bugherder | ||
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla59
You need to log in
before you can comment on or make changes to this bug.
Description
•