Open
Bug 1484019
(fission-ipc)
Opened 6 years ago
Updated 1 month ago
[meta] Enforce Content Process Restrictions in IPC
Categories
(Core :: IPC, enhancement)
Core
IPC
Tracking
()
NEW
| Fission Milestone | Future |
People
(Reporter: tjr, Unassigned)
References
(Depends on 36 open bugs, Blocks 1 open bug)
Details
(Keywords: meta)
In addition to ensuring the Parent (+ Compositor/RDD) processes never _send_ data belonging to origin B to origin A, we should ensure that the content process of Origin B cannot _receive_ data even if it explicitly requests data for origin A. Such a request would be the result of either a bug or a compromised child process.
The Parent/Compositor/RDD process needs a trusted mapping of Content Processes -> Origins, and then needs to add checks into all relevant IPC/MM methods to confirm that requested data is for an origin the process is authorized for.
Surely there will be a lot of shared code in these checks, so creating a framework for that would be a task for the first of these checks added.
|
Reporter | |
Updated•6 years ago
|
Depends on: fission-ipc-map
|
||
Updated•6 years ago
|
Depends on: CVE-2018-18505
|
||
Updated•6 years ago
|
Summary: Enforce Content Process Restrictions in IPC → [meta] Enforce Content Process Restrictions in IPC
|
|
Reporter | |
Updated•6 years ago
|
|
|
Reporter | |
Comment 1•6 years ago
|
||
Bug 1513003 is a particurally important one given its high value (Saved Logins) and how easy it would be to abuse given a UXSS vulnerability.
Depends on: 1513003
|
|
Reporter | |
Updated•6 years ago
|
Depends on: CVE-2020-12424
|
|
Reporter | |
Updated•6 years ago
|
Depends on: CVE-2019-11765
|
||
Updated•5 years ago
|
Fission Milestone: --- → Future
|
||
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•