Closed
Bug 1432825
Opened 7 years ago
Closed 5 years ago
expose an API to get a list of ContentParent actors representing processes containing a window/worker client of a given principal
Categories
(Core :: DOM: Core & HTML, enhancement, P3)
Core
DOM: Core & HTML
Tracking
()
RESOLVED
DUPLICATE
of bug 1491018
People
(Reporter: bkelly, Unassigned)
References
(Blocks 2 open bugs)
Details
We now have some data in the parent process that maps window/worker principal to content process. Its effectively stored in this data structure:
https://searchfox.org/mozilla-central/rev/e3cba77cee3ff1be38313abe9c804d13c51bd95b/dom/clients/manager/ClientManagerService.h#26
We should expose an API that takes a principal and asynchronously returns a list of ContentProcess actors representing the processes that contain a window/worker client with a matching principal. It needs to be asynchronous because the data structure is managed off the main thread.
Once we have this API we can then start using it to validate the principal used in other IPC protocols. If we receive a message from a process claiming to be a principal not in the process then we can treat it as a spoofed message. This will initially be a somewhat weak protection since processes can still lie to the Clients API to create an entry, but once we lock down clients API via one-process-per-origin, etc, then it will automatically make all those other uses equally strong.
It would be nice to start adding this infrastructure now even if we're not at one-process-per-origin yet.
|
||
Comment 1•7 years ago
|
||
Setting as P3 to match the bug it blocks. Ben, is this more critical? or should it be done as part of a coordinated project with 1432831?
Flags: needinfo?(bkelly)
Priority: -- → P3
|
Reporter | |
Comment 2•7 years ago
|
||
This can be done as part of the site isolation work. We might need it for service workers e10s eventually as well so we can pick which process to use to open the service worker thread.
Flags: needinfo?(bkelly)
|
||
Comment 3•6 years ago
|
||
It looks like this is probably identical to Bug 1491018 which I filed to block a bunch of bugs noting places where we need to do the principal validation...
Flags: needinfo?(ben)
See Also: → fission-ipc-map
|
|
Reporter | |
Comment 4•6 years ago
|
||
I'm not working on firefox actively at the moment, so I defer to others judgement on whether to dupe bugs, etc.
Flags: needinfo?(ben)
|
Assignee | |
Updated•6 years ago
|
Component: DOM → DOM: Core & HTML
|
||
Comment 5•5 years ago
|
||
kmag suggests duping this bug to fission-ipc-map bug 1491018.
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•