Closed Bug 1514694 Opened 4 years ago Closed 3 years ago
Don't report winsxs / comctl32
.dll as untrusted in untrusted modules ping
47 bytes, text/x-phabricator-request
|Details | Review|
According to https://sql.telemetry.mozilla.org/queries/60451/source#156077 a significant number of untrusted module pings are reporting comctl32.dll, with trust flags "4", meaning the only trustworthiness found is that they have Microsoft-looking version info. The comctl32.dll that's in %SystemRoot%\system32 has a digital signature, so this is not the one being loaded. My local install loads comctl32.dll as: C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.471_none_fb3e9aab3068fc16\comctl32.dll This doesn't have a digital signature, so if we want to suppress this, we need to consider a new trustworthiness rule. A couple ideas: 1. Grant the WinSxS directory similar trustworthiness as we already do with system32. Of course being in WinSxS doesn't automatically make a DLL trustworthy, but it carries at least as much confidence as we already give with system32. 2. Grant an exception to comctl32, gdiplus, and msvc* when they're in WinSxS. According to https://docs.microsoft.com/en-us/windows/desktop/SbsCs/supported-microsoft-side-by-side-assemblies, these DLLs are explicitly supported as being SxS. Perhaps we could do a check that the folder name is properly formatted and that they're properly registered as such.
Adds a new flag for evaluating DLL trustworthiness: ModuleTrustFlags::WinSxSDirectory This flag indicates that the DLL was loaded from the WinSxS folder. This grants a trustworthiness equal to that of ModuleTrustFlags::SystemDirectory, in particular allowing some Microsoft DLLs, like comctl32.dll, to be considered trusted so they don't appear in the untrusted modules ping.
Pushed by email@example.com: https://hg.mozilla.org/integration/autoland/rev/9fdf3a686991 Treat DLLs under WinSxS with same trustworthiness as system32 r=aklotz
You need to log in before you can comment on or make changes to this bug.