Closed
Bug 947784
Opened 11 years ago
Closed 10 years ago
Move "mobilenetwork" permission check to parent and create a sandbox safe implementation
Categories
(Core :: DOM: Core & HTML, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 952371
People
(Reporter: pauljt, Assigned: jessica)
References
Details
+++ This bug was initially created as a clone of Bug #866272 +++ The solution developed in bug 866272 relies on permissions checks performed solely in the child, and also provides this feature by storing private data inside preferences. In a compromised child situation, where malicious content has the ability to execute chrome privileged script (or any arbitrary code exec), the permission check offers no security as the child can read the data directly out of preferences. This issue is relatively low risk since as the attack scenario requires an additional exploit but it would be good to fix this as we harden IPC mechanisms as part of sandboxing.
Ken, can you find an owner for this from your team?
Flags: needinfo?(kchang)
Comment 2•11 years ago
|
||
Jessica, please take this bug. Thanks.
Assignee: nobody → jjong
Flags: needinfo?(kchang)
Assignee | ||
Comment 3•10 years ago
|
||
Hi Paul, In bug 952371, we changed to use IPC messages instead of preferences to query last known networks, and the permission check is now done on parent side. Do you think that fulfills the security requirements in this bug? Thank you.
Flags: needinfo?(ptheriault)
Reporter | ||
Comment 4•10 years ago
|
||
Hi Jessica, yes that looks fine to me, thanks! Resolved as a dupe so we know where it was fixed.
Status: NEW → RESOLVED
Closed: 10 years ago
Flags: needinfo?(ptheriault)
Resolution: --- → DUPLICATE
Updated•5 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•