Open
Bug 1643174
Opened 5 years ago
Updated 5 years ago
Remove "whitelist" from sandboxing preferences
Categories
(Core :: Security: Process Sandboxing, enhancement, P1)
Tracking
()
NEW
People
(Reporter: gcp, Unassigned)
References
(Blocks 2 open bugs)
Details
https://wiki.mozilla.org/Security/Sandbox#Customization_Settings
--> safelist (allowlist?) / blocklist
We'll need to keep reading the old prefs though so as not to break any existing configs.
|
Reporter | |
Updated•5 years ago
|
Blocks: remove-blackwhitelist
|
|
Reporter | |
Updated•5 years ago
|
Severity: -- → S4
Priority: -- → P1
|
||
Updated•5 years ago
|
Blocks: remove-blackwhitelist-prefs
|
||
Comment 1•5 years ago
|
||
(In reply to Gian-Carlo Pascutto [:gcp] from comment #0)
https://wiki.mozilla.org/Security/Sandbox#Customization_Settings
--> safelist (allowlist?) / blocklist
We'll need to keep reading the old prefs though so as not to break any existing configs.
We can do a one-time migration in BrowserGlue.jsm to migrate to the new pref during an update.
|
||
Comment 2•5 years ago
|
||
In general I prefer “allowlist” over “safelist” for sandboxing: sometimes we have to allow things that aren't safe because it's not (yet) feasible to disallow them.
You need to log in
before you can comment on or make changes to this bug.
Description
•