1873342 - Remove dom.security.enforceIPCBasedPrincipalVetting pref

Status: RESOLVED FIXED

(Core :: DOM: Security, task)

Description

[Gregory Pappas [:gregp]]

This seems important. Why do we need to be able to turn it off?

Comment 1

[Daniel Veditz [:dveditz]]

Are we ready to turn this off?

Comment 2

[Daniel Veditz [:dveditz]]

Tom was just talking about needing to enforce principal vetting more in our IPC calls. Does that mean the mechanism controlled by this pref is too limited? That individual IPC calls are routing around it? If we expand that control we'll want to put it behind a pref in case we break things. Does it make sense to expand the use of this pref for that, or let this one go away and invent a new, slightly different, one that only controls the additional coverage?

Comment 3

[Tom Ritter [:tjr]]

I think we can leave this around for now since we're going to be looking at this more closely in the future and changing how it behaves.

Comment 4

[Daniel Veditz [:dveditz]]

WONTFIX for now. We'll re-evaluate later.

Comment 5

[Tom Schuster]

We should probably just remove this pref now. If we want to change its behavior we can introduce a new pref (under a new name!) that just guards whatever new stuff we have planned. (Can someone link these plans?)

Comment 7

[Tom Schuster]

Attachment: Bug 1873342 - Remove the dom.security.enforceIPCBasedPrincipalVetting pref. r?nika

Comment 8

[Pulsebot]

Pushed by tschuster@mozilla.com:
https://github.com/mozilla-firefox/firefox/commit/381e4554f5c8
https://hg.mozilla.org/integration/autoland/rev/26b6a41d08e7
Remove the dom.security.enforceIPCBasedPrincipalVetting pref. r=nika

Comment 9

[Serban Stanca [:SerbanS]]

https://hg.mozilla.org/mozilla-central/rev/26b6a41d08e7