Closed Bug 777604 Opened 12 years ago Closed 6 years ago

Don't send permissions for other apps to child processes.

Categories

(Core :: IPC, defect)

Product:
Core
Component:
IPC
Platform:
x86
macOS
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED INVALID
Project Flags:
blocking-kilimanjaro +
blocking-basecamp -

People

(Reporter: sicking, Unassigned)

References

Details

What we need to do is only send permissions about the appId itself to the content process, and not accept any incoming permissions modifications.

However if the app has permission to use the API from bug 770731, we need to both send all permissions as well as accept incoming permission modifications.

We also need to audit all callers of the nsIPermissionManager::add/remove to make sure that they happen in the parent process as needed.
blocking-basecamp: --- → +
Actually, I'm going to remove blocking for this. The only problem here is that crashed apps can see what permissions other apps have. I don't think that's bad enough to hold the release.
blocking-basecamp: + → -
blocking-kilimanjaro: --- → +
Summary: Make PContent permission API respect sandboxes → Don't send permissions for other apps to child processes.
I agree, this is a minor fingerprinting concern, IMHO.
Hey Paul, I'm hoping you know whether or not we can close this out.
Flags: needinfo?(ptheriault)
FxOS bug, closing.
Status: NEW → RESOLVED
Closed: 6 years ago
Flags: needinfo?(ptheriault)
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.