Closed Bug 1873342 Opened 1 year ago Closed 1 year ago

Remove dom.security.enforceIPCBasedPrincipalVetting pref

Categories

(Core :: DOM: Security, task)

Product:
Core
Component:
DOM: Security
Type:
task

Tracking

()

Status:
RESOLVED WONTFIX

People

(Reporter: gregp, Unassigned)

References

(Depends on 1 open bug, Blocks 1 open bug)

Details

This seems important. Why do we need to be able to turn it off?

Depends on: 1703215

Are we ready to turn this off?

Flags: needinfo?(ckerschb)

Tom was just talking about needing to enforce principal vetting more in our IPC calls. Does that mean the mechanism controlled by this pref is too limited? That individual IPC calls are routing around it? If we expand that control we'll want to put it behind a pref in case we break things. Does it make sense to expand the use of this pref for that, or let this one go away and invent a new, slightly different, one that only controls the additional coverage?

Flags: needinfo?(tom)

I think we can leave this around for now since we're going to be looking at this more closely in the future and changing how it behaves.

Flags: needinfo?(tom)
Flags: needinfo?(ckerschb)

WONTFIX for now. We'll re-evaluate later.

Status: NEW → RESOLVED
Closed: 1 year ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.