Closed
Bug 79916
Opened 23 years ago
Closed 23 years ago
Treating all classes with nsIClassInfo as if they were DOM objects
Categories
(Core :: Security: CAPS, defect)
VERIFIED
FIXED
People
(Reporter: jband_mozilla, Assigned: security-bugs)
(Whiteboard: need engineer feedback)
In nsScriptSecurityManager::IsDOMClass you need: - return NS_SUCCEEDED(rv) && (classFlags | nsIClassInfo::DOM_OBJECT); + return NS_SUCCEEDED(rv) && (classFlags & nsIClassInfo::DOM_OBJECT); I think you should fix this quickly.
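Review bot: On the `+` line the mask test is left to implicit integer-to-bool conversion; writing it as `(classFlags & nsIClassInfo::DOM_OBJECT) != 0` would state the intent and make a `|` for `&` slip like the one on the `-` line easier to catch. Assuming DOM_OBJECT is a nonzero flag bit, `classFlags | nsIClassInfo::DOM_OBJECT` is nonzero for every value of classFlags, so the old return depended only on rv. The change also comes without a test; a check that IsDOMClass returns false for an object whose class flags lack DOM_OBJECT would keep it from regressing.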
Comment 1•23 years ago
Yeesh, I still haven't reviewed the caps code. Has anyone else? I'm jammed up till tomorrow; in the meantime, r/sr=brendan@mozilla.org (and you have jband's blessing) to get this fix in ASAP! /be
Assignee
Comment 2•23 years ago
Fixed.
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
Comment 3•23 years ago
Mitch, any way to test this?
Updated•23 years ago
Whiteboard: need engineer feedback
Assignee
Comment 4•23 years ago
Chris, this was making some interfaces under the Components object (I forget which) accessible to untrusted scripts when they shouldn't be.
Comment 5•23 years ago
Okay, so if it blocks access to Components.interfaces, we're okay, right?
Assignee
Comment 6•23 years ago
Yeah.
Comment 7•23 years ago
What? We're not blocking access to Components.interfaces, we currently rely on being able to access that (indirectly) from web content!
Reporter
Comment 8•23 years ago
Components uses nsISecurityCheckedComponent to expose 'interfaces'.
Comment 9•23 years ago
Okay, I think I need some clue-vending... For the testcase http://voodoolady.mcom.com/seucurity/accept/auxp003.html I am getting the exception "Permission denied to create wrapper for object" with Components.interfaces starting at nsMsgViewCommandType and the failures continue through nsIAddressBook. Is this testcase appropriate to test for the problem we are seeing in this bug?
Comment 10•23 years ago
Added test URL (internal only)
Comment 11•23 years ago
cc'ing dbradley, who was looking at some of this for me...
Comment 12•23 years ago
jband, are we still doing this?
Assignee
Comment 13•23 years ago
I think we're OK.
Comment 14•23 years ago
Marking VERIFIED FIXED on:
- MacOS91 2001-07-23-03-0.9.2
- LinRH62 2001-07-23-04-0.9.2
- Win98SE 2001-07-23-06-0.9.2
Status: RESOLVED → VERIFIED