XPConnect security review action items

RESOLVED WORKSFORME

Status

()

RESOLVED WORKSFORME
16 years ago
9 years ago

People

(Reporter: hjtoi-bugzilla, Assigned: dbradley)

Tracking

(Blocks: 1 bug)

Trunk
mozilla1.7alpha
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [sg:investigation])

Modify JS engine so that XPConnect can directly monitor object creation and
deletion, helps with double free problems, perf etc.?

We should make it impossible to run code in safe context

Is it possible we might elevate privileges during GC?

SOAP generates stuff dynamically, some names can be easily guessed

Is it possible to generate JS exceptions that cross the chrome boundary and end
up being run with chrome privileges?
(Assignee)

Comment 1

16 years ago
I'm going to start creating bugs off this as I find them.
Status: NEW → ASSIGNED
Target Milestone: --- → mozilla1.4beta
Whiteboard: [sg:investigation]
(Assignee)

Updated

16 years ago
Depends on: 202889
(Assignee)

Comment 2

16 years ago
Just a note, bug 202889 deals with issue one. I believe issue one incorrectly
states object, it should talk about JSContexts. We already know when JS objects
are finalized and we don't really need to know when they are created.
Target Milestone: mozilla1.4beta → mozilla1.5alpha
(Assignee)

Updated

15 years ago
Target Milestone: mozilla1.5alpha → mozilla1.5beta
(Assignee)

Comment 3

15 years ago
Moving out, speak up if you believe this needs to be considered for 1.5b
Target Milestone: mozilla1.5beta → mozilla1.6alpha
(Assignee)

Comment 4

15 years ago
Moving out
Target Milestone: mozilla1.6alpha → mozilla1.7alpha
Group: core-security
Status: ASSIGNED → RESOLVED
Last Resolved: 9 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.