Open Bug 1475702 Opened 4 years ago Updated 4 years ago

[meta] Download protection should look inside archive files


(Toolkit :: Safe Browsing, enhancement, P3)





(Reporter: francois, Unassigned)


(Depends on 3 open bugs, Blocks 1 open bug)


(Keywords: meta)

A few things to note about Chrome's implementation:

- all decompressors are run in a separate "utility" process that is heavily sandboxed (and their parser code has been fuzzed too)
- they also decompress the various aliases for .zip and .dmg (e.g. .iso, .dmgpart, etc.) -- list of aliases is in the Chromium source code
- they don't recursively decompress files, but they consider a zip-within-a-zip suspicious and do a remote lookup for those
Depends on: 1260856
Depends on: 1167040
No longer depends on: 1167040
Depends on: 1475705
Depends on: 1475706
Depends on: 1480639
Keywords: meta
You need to log in before you can comment on or make changes to this bug.