Closed
Bug 777604
Opened 12 years ago
Closed 6 years ago
Don't send permissions for other apps to child processes.
Categories
(Core :: IPC, defect)
Tracking
()
RESOLVED
INVALID
People
(Reporter: sicking, Unassigned)
References
Details
What we need to do is only send permissions about the appId itself to the content process, and not accept any incoming permissions modifications. However if the app has permission to use the API from bug 770731, we need to both send all permissions as well as accept incoming permission modifications. We also need to audit all callers of the nsIPermissionManager::add/remove to make sure that they happen in the parent process as needed.
Updated•12 years ago
|
blocking-basecamp: --- → +
Reporter | ||
Comment 1•12 years ago
|
||
Actually, I'm going to remove blocking for this. The only problem here is that crashed apps can see what permissions other apps have. I don't think that's bad enough to hold the release.
blocking-basecamp: + → -
blocking-kilimanjaro: --- → +
Summary: Make PContent permission API respect sandboxes → Don't send permissions for other apps to child processes.
I agree, this is a minor fingerprinting concern, IMHO.
Comment 3•6 years ago
|
||
Hey Paul, I'm hoping you know whether or not we can close this out.
Flags: needinfo?(ptheriault)
FxOS bug, closing.
Status: NEW → RESOLVED
Closed: 6 years ago
Flags: needinfo?(ptheriault)
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•