1671166 - Perform IPC based Principal vetting for ContentParent::Recv(Principal)

Status: RESOLVED FIXED

(Core :: DOM: Security, task, P3)

Description

[Christoph Kerschbaumer [:ckerschb}]

For grating notifications we should perform a check whether the principal matches the processId the site was assigned to before returning true.

Comment 1

[Christoph Kerschbaumer [:ckerschb}]

Attachment: Bug 1671166: Validate received Principal in ContentParent

Comment 2

[Nika Layzell [:nika] (ni? for response)]

Attachment: Bug 1671166 - (DNL) ValidatePrincipal sketch

Comment 3

[Pulsebot]

Pushed by apavel@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/4161bcfbf75f
Validate received Principal in ContentParent r=nika

Comment 4

[Alexandru Michis [:malexandru]]

Backed out changeset 4161bcfbf75f (Bug 1671166) for causing mochitest plain crashes.

Backout link: https://hg.mozilla.org/integration/autoland/rev/9e722c7fafcf09efbaf13675cd4187beb85ef7bd

Push with failures: https://treeherder.mozilla.org/jobs?repo=autoland&group_state=expanded&fromchange=24bc78c0fdc52ca31b540f959d6e53cb61a67f82&searchStr=linux%2C18.04%2Cx64%2Cwebrender%2Cdebug%2Cmochitests%2Cwith%2Cfission%2Cenabled%2Ctest-linux1804-64-qr%2Fdebug-mochitest-plain-fis-e10s%2C11&tochange=6149f5b15c5e278ef15ea36fa896fa8c146ebdca&selectedTaskRun=K5jxpHjIQwG4NSIOZgTRxw.1

Failure log: https://treeherder.mozilla.org/logviewer?job_id=326642119&repo=autoland&lineNumber=19085

Comment 5

[Christoph Kerschbaumer [:ckerschb}]

Thanks, I'll have a look.

Comment 6

[Pulsebot]

Pushed by rmaries@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/1b95fe6d0d4c
Validate received Principal in ContentParent r=nika

Comment 7

[Andreea Pavel [:apavel]]

https://hg.mozilla.org/mozilla-central/rev/1b95fe6d0d4c