Bug 357195: Back out bug 168136, chrome/resource scheme access to file:
Status: RESOLVED WORKSFORME (opened 18 years ago, closed 9 months ago)
Categories: Core :: Security: CAPS, defect
People: Reporter: dveditz, Assigned: dveditz
Attachments: 1 obsolete file
Bug 168136 added special permission for chrome and resource URIs to access file: URIs to make the mail filter viewer dialog work. At the time CheckLoadURI made no distinction between privileged sources and not, so it was necessary.
Now, however, CheckLoadURIWithPrincipal() grants access if the source principal is the system principal, so for the dialog case this permission should no longer be necessary. Unprivileged chrome resources (should there be any) shouldn't be able to do things other unprivileged content can't; that's why we made it unprivileged.
There's a slightly stronger case to be made for resource:, that they're really just files. In the Mozilla view of things resource refers to its own little sandbox and shouldn't be reaching outside, but there's a possibility that some embedding app has used this property of resource: files. We may want to remove the chrome permission and leave the resource permission.
Comment 1•18 years ago
I second the motion!
Do we want to do this on branches too, or just on trunk? If the latter, then before or after bug 120373 lands? If we do want it on branches, we should do this before bug 120373 so we don't have to write two separate patches.
Updated•2 years ago
Severity: normal → S3
Updated•9 months ago
Attachment #9385662 - Attachment is obsolete: true
Comment 3 (Assignee) • 9 months ago
This exception in the code is long gone
Status: NEW → RESOLVED
Closed: 9 months ago
Resolution: --- → WORKSFORME