Closed Bug 387248 Opened 14 years ago Closed 7 years ago
[10.5] Consider using the Mac OS X Sandbox for improved security
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:22.214.171.124) Gecko/20070515 Firefox/126.96.36.199
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:188.8.131.52) Gecko/20070515 Firefox/184.108.40.206

The Apple page says "Sometimes hackers try to hijack an application to run malicious code. Sandboxing helps ensure that applications do only what they’re intended to by restricting which files they can access, whether they can talk to the network, and whether they can be used to launch other applications. Helper applications in Leopard — including the network time daemon and the Spotlight indexer — are sandboxed to guard against attackers."

IMO it would be interesting to use this sandbox feature for Firefox on Mac OS X 10.5. (And probably on Windows Vista too.) This could limit the impact of security issues.

btw: no idea if this is the correct Component.

Reproducible: Always

Steps to Reproduce:
1.
2.
3.
I think bug 266533 is the equivalent for Windows Vista.
Is this something that would need to happen on the application front-end, or would this be something that would happen in Core (and therefore Seamonkey and Camino would get it for free)? Or some combination of both?
Confirming as a valid RFE.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Summary: Consider using the Mac OS X 10.5 Sandbox for improved security → [10.5] Consider using the Mac OS X Sandbox for improved security
I don't think this is what you think it is. As I recall from WWDC, this is only used for background daemon apps -- it's similar to a chroot jail, to use *NIX terminology. Running inside this would break all sorts of things, if it's even possible.
While reading the following document I cannot see a reason why the sandbox mode could be useful: http://developer.apple.com/documentation/Darwin/Reference/ManPages/man3/sandbox_init.3.html#//apple_ref/doc/man/3/sandbox_init The list of available restrictions is too short, and Firefox needs everything from the list. Does Apple provide another API which could be used?
Hardware: Macintosh → All
Version: unspecified → Trunk
Apparently Google found Leopard's sandbox API to be very easy to work with: http://blog.chromium.org/2009/06/google-chrome-sandboxing-and-mac-os-x.html If I am not mistaken, they just request all the resources needed for a process up-front and then enable the sandbox, which prevents further access to system resources but still allows the process to access any resources already owned. Extensive changes need to be made to Gecko to fully utilize the sandboxing facilities of OS X and other OSes, but a useful first step would be to spawn browser plugins into separate processes, which will not only protect users against exploits in components not under Mozilla's control, but also eliminate most browser crashes. Besides browser plugins, SpiderMonkey should also be sandboxed.
This bug depends on bug 478976
Users seem to have estimated the time too long ...

Run Firefox in a protected sandbox (Web Browsers): http://www.macosxhints.com/article.php?story=20100318044558156

This is a base policy for the sandbox. I attach another one based on the above but tested on my setup (many plugins) and on the following web pages:
- Google Maps
- Adobe Flash page
- misc tabs ...

Bug: can't create a new window ...

Logs are available in the Mac OS Console in "All Messages" from sandboxd.
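As an added example (this is not the policy from the macosxhints article, nor anything attached to this bug or shipped by Mozilla), the script below writes a deny-by-default Seatbelt profile for Firefox and launches the browser under sandbox-exec(1) with it. The Firefox install path, the profile and cache directories and the two Mach services are assumptions chosen for illustration; as the comment above notes, anything the profile forgets shows up as a denial from sandboxd in Console, and that log is the right source for growing the allow list (the "can't create new window" failure is exactly what a missing WindowServer or font allowance looks like).

```shell
#!/bin/sh
# Added example, not from the bug or from Mozilla: a reduced deny-by-default
# sandbox profile for Firefox plus a wrapper that runs the browser under it.
# Paths and mach services below are assumed values for illustration.
set -eu

# write_firefox_profile OUT_FILE: emit the SBPL profile text to OUT_FILE.
write_firefox_profile() {
    cat > "$1" <<'EOF'
(version 1)
;; Everything not explicitly allowed below is denied and logged by sandboxd.
(deny default)
;; The browser binary may run and fork; assumed install location.
(allow process-exec (literal "/Applications/Firefox.app/Contents/MacOS/firefox"))
(allow process-fork)
;; Read-only access to its own bundle, system frameworks and fonts.
(allow file-read* (subpath "/Applications/Firefox.app")
                  (subpath "/System")
                  (subpath "/usr/lib")
                  (subpath "/usr/share")
                  (subpath "/Library/Fonts"))
;; Profile and cache directories are the only user-writable locations.
;; HOME is passed in with `sandbox-exec -D HOME=...`.
(allow file-read* file-write*
       (subpath (string-append (param "HOME") "/Library/Application Support/Firefox"))
       (subpath (string-append (param "HOME") "/Library/Caches/Firefox")))
;; Outbound connections only; inbound stays under the default deny.
(allow network-outbound)
;; Minimal IPC needed to draw windows; extend from sandboxd denials in Console.
(allow mach-lookup (global-name "com.apple.windowserver.active")
                   (global-name "com.apple.system.notification_center"))
(allow sysctl-read)
EOF
}

# profile_denies_by_default FILE: succeed only if the policy starts from deny.
profile_denies_by_default() {
    grep -q '^(deny default)' "$1"
}

# count_allow_rules FILE: number of top-level (allow ...) rules in the profile.
count_allow_rules() {
    grep -c '^(allow' "$1"
}

# run_sandboxed PROFILE [firefox args...]: launch Firefox under the profile.
# Only meaningful on Mac OS X where sandbox-exec exists; elsewhere it reports
# that and returns non-zero so callers can tell the difference.
run_sandboxed() {
    profile="$1"; shift
    if ! command -v sandbox-exec >/dev/null 2>&1; then
        echo "sandbox-exec not available on this system" >&2
        return 2
    fi
    exec sandbox-exec -D HOME="$HOME" -f "$profile" \
        /Applications/Firefox.app/Contents/MacOS/firefox "$@"
}

# Usage (on Mac OS X):
#   write_firefox_profile firefox.sb && run_sandboxed firefox.sb
# Denials then appear in Console.app under "All Messages" from sandboxd.
```

The profile is deliberately too tight for a full browser session: plugins, printing, keychain access and audio each need their own allowances, and the defender's workflow is to add them one denial at a time from the sandboxd log rather than to start from `(allow default)` and subtract.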
Any news on this front, especially concerning the current stagnation of firefox-mac-pdf https://addons.mozilla.org/en-US/firefox/addon/7518 http://code.google.com/p/firefox-mac-pdf and concerning the new approach on https://wiki.mozilla.org/Show_PDF_inline https://wiki.mozilla.org/PDF.js https://wiki.mozilla.org/PDF.js/Planning/1.0 Wouldn't it be worth giving http://code.google.com/p/firefox-mac-pdf a new impulse with one or two developers who can make this so far 32-bit-only Add-On also 64-bit-capable, since this Add-On is a _working solution_ but limited to 32-bit (and the initial developer seems to have retired from this project)?
I'm duping this to the sandboxing meta bug since there are a couple of bugs concerning sandboxing on OS X.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 925570