Last Comment Bug 763433 - ExposedPropertiesOnly::check should leave the chrome compartment before checking UniversalXPConnect
: ExposedPropertiesOnly::check should leave the chrome compartment before check...
Status: RESOLVED FIXED
:
Product: Core
Classification: Components
Component: XPConnect (show other bugs)
: unspecified
: All All
: -- normal (vote)
: mozilla16
Assigned To: Bobby Holley (:bholley) (busy with Stylo)
:
: Andrew Overholt [:overholt]
Mentors:
Depends on:
Blocks: 766641 754202
  Show dependency treegraph
 
Reported: 2012-06-11 04:15 PDT by Bobby Holley (:bholley) (busy with Stylo)
Modified: 2012-06-20 11:48 PDT (History)
4 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---


Attachments
Part 1 - Clarify compartment semantics for ExposedPropertiesOnly. v2 (7.24 KB, patch)
2012-06-12 05:03 PDT, Bobby Holley (:bholley) (busy with Stylo)
mrbkap: review+
Details | Diff | Splinter Review
Part 2 - Clarify compartment situation in Xray wrapper. v1 (3.26 KB, patch)
2012-06-12 05:04 PDT, Bobby Holley (:bholley) (busy with Stylo)
mrbkap: review+
Details | Diff | Splinter Review

Description Bobby Holley (:bholley) (busy with Stylo) 2012-06-11 04:15:21 PDT
This isn't a problem on trunk, because we don't base CAPS security decision on the context compartment. But with bug 754202, we do. Let's fix this.
Comment 1 Bobby Holley (:bholley) (busy with Stylo) 2012-06-12 05:03:58 PDT
Created attachment 632212 [details] [diff] [review]
Part 1 - Clarify compartment semantics for ExposedPropertiesOnly. v2
Comment 2 Bobby Holley (:bholley) (busy with Stylo) 2012-06-12 05:04:16 PDT
Created attachment 632213 [details] [diff] [review]
Part 2 - Clarify compartment situation in Xray wrapper. v1

Adding to the mess of the NodePrincipal (et al) check isn't great, but I'm refactoring that in bug 761704.
Comment 3 :Ms2ger (⌚ UTC+1/+2) 2012-06-12 09:35:07 PDT
Comment on attachment 632212 [details] [diff] [review]
Part 1 - Clarify compartment semantics for ExposedPropertiesOnly. v2

Review of attachment 632212 [details] [diff] [review]:
-----------------------------------------------------------------

::: js/xpconnect/wrappers/AccessCheck.cpp
@@ +447,5 @@
>      }
> +
> +    // Double-check that the subject principal according to CAPS is a content
> +    // principal rather than the system principal. If it is, this check is
> +    // meaningless.

If it is or if it is not?
Comment 4 Bobby Holley (:bholley) (busy with Stylo) 2012-06-18 06:50:01 PDT
Pushed to try: https://tbpl.mozilla.org/?tree=Try&rev=0eb257679869

Note You need to log in before you can comment on or make changes to this bug.