Closed
Bug 724330
Opened 12 years ago
Closed 7 years ago
[OOPP] plugin-container process should run under Low integrity mode
Categories
(Core Graveyard :: Plug-ins, defect)
Tracking
(Not tracked)
RESOLVED
WORKSFORME
People
(Reporter: syskin2, Unassigned)
References
()
Details
Windows Vista and 7 allow starting processes under Low Integrity privileges, limiting their access to standard user-accessible locations and visualising some of the filesystem for them. Mozilla did all the hard work to separate plugin-container.exe out, but then left this process under Medium Integrity level (same as browser's). I see no bug for changing that, or tracking why it's hard. So, here it is. There exists bug 266533 which is about running entire browser under Low Integrity. This bug is not a dup of that, it might be a subset. It's only about plugin-container.exe
Comment 1•12 years ago
|
||
I'm fairly certain that both Flash and Java do things that are impossible to do in Low Integrity mode, though it's worth double-checking. At that point, what would be the use of sandboxing some limited subset of other plug-ins that no one actually uses?
Component: IPC → Plug-ins
QA Contact: ipc → plugins
Comment 2•10 years ago
|
||
(In reply to Boris Zbarsky [:bz] from comment #1) > I'm fairly certain that both Flash and Java do things that are impossible to > do in Low Integrity mode, though it's worth double-checking. I'm sure that, even if Flash & Java would not be affected, we would break other plugins that don't expect to have limited privileges. If anything we might think about doing this for certain plugins which are known to continue to work, although even that will be risky.
Comment 3•10 years ago
|
||
IMHO, the greater risk is in not doing this. Does IE run Flash and Java in low integrity mode? If so, then Firefox is less secure than IE.
Comment 4•7 years ago
|
||
We are shipping a strong sandbox on Flash-win64 and Flash has a sandbox on win32. Non-Flash plugins are deprecated. I'm going to close this as not tracking anything in particular nowadays.
Status: UNCONFIRMED → RESOLVED
Closed: 7 years ago
Resolution: --- → WORKSFORME
Updated•2 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•