Don't send permissions for other apps to child processes.

RESOLVED INVALID

Status

()

RESOLVED INVALID
6 years ago
6 months ago

People

(Reporter: sicking, Unassigned)

Tracking

(Blocks: 1 bug)

Trunk
x86
Mac OS X
Points:
---

Firefox Tracking Flags

(blocking-kilimanjaro:+, blocking-basecamp:-)

Details

What we need to do is only send permissions about the appId itself to the content process, and not accept any incoming permissions modifications.

However if the app has permission to use the API from bug 770731, we need to both send all permissions as well as accept incoming permission modifications.

We also need to audit all callers of the nsIPermissionManager::add/remove to make sure that they happen in the parent process as needed.
blocking-basecamp: --- → +
Actually, I'm going to remove blocking for this. The only problem here is that crashed apps can see what permissions other apps have. I don't think that's bad enough to hold the release.
blocking-basecamp: + → -
blocking-kilimanjaro: --- → +
Summary: Make PContent permission API respect sandboxes → Don't send permissions for other apps to child processes.
I agree, this is a minor fingerprinting concern, IMHO.

Comment 3

6 months ago
Hey Paul, I'm hoping you know whether or not we can close this out.
Flags: needinfo?(ptheriault)
FxOS bug, closing.
Status: NEW → RESOLVED
Last Resolved: 6 months ago
Flags: needinfo?(ptheriault)
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.