Closed
Bug 814156
Opened 12 years ago
Closed 12 years ago
Need additional security checks for the "permissions" permission
Categories
(Core :: DOM: Core & HTML, defect, P1)
Core
DOM: Core & HTML
Tracking
()
People
(Reporter: bent.mozilla, Assigned: gwagner)
References
Details
Attachments
(1 file)
873 bytes,
patch
|
sicking
:
review+
|
Details | Diff | Splinter Review |
Some notes from my conversation with gregor: no parent process checks at all actual permission being changed is not subjected to a whitelist, certified-only perms can be added to non-certified apps for example.
Updated•12 years ago
|
blocking-basecamp: ? → +
Comment 1•12 years ago
|
||
Gregor, Doug said you should be the lucky owner of this bug. Congrats! :)
Assignee: nobody → anygregor
Comment 2•12 years ago
|
||
Setting priority based on triage discussions. Feel free to decrease priority if you disagree.
Priority: -- → P1
Comment 3•12 years ago
|
||
Mass Modify: All un-milestoned, unresolved blocking-basecamp+ bugs are being moved into the C3 milestone. Note that the target milestone does not mean that these bugs can't be resolved prior to 12/10, rather C2 bugs should be prioritized ahead of C3 bugs.
Target Milestone: --- → B2G C3 (12dec-1jan)
Assignee | ||
Comment 4•12 years ago
|
||
Attachment #689493 -
Flags: review?(jonas)
Attachment #689493 -
Flags: review?(jonas) → review+
Assignee | ||
Comment 5•12 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/a54483a8d0c7
Comment 6•12 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/a54483a8d0c7
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Comment 7•12 years ago
|
||
https://hg.mozilla.org/releases/mozilla-aurora/rev/17c116a1aa94 https://hg.mozilla.org/releases/mozilla-beta/rev/872ec2b322ad
Updated•5 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•