Closed
Bug 1256370
Opened 9 years ago
Closed 3 years ago
Audit PNecko IPDL protocol for security vulnerabilities
Categories
(Core :: Networking, defect, P3)
Core
Networking
Tracking
()
RESOLVED
INCOMPLETE
People
(Reporter: tedd, Unassigned)
References
Details
(Keywords: sec-audit, Whiteboard: [necko-backlog])
This bug is to track the auditing process of the PNecko protocol (as part of Bug 1041862).
The goal is to look at the parent code that is reachable through the PNecko protocol and audit for any potential security vulnerabilities.
This effort should help reduce the attack surface for privilege escalation once a unprivileged child has been compromised.
(In reply to Andrew Overholt [:overholt] from comment #1)
> This feels like it should be in Necko.
FYI, see also bug 1041862 for explanation. This is a forward looking exercise to investigate the security of our IPC mechanisms, with a view to eventually having a security sandbox.
Updated•9 years ago
|
Whiteboard: [necko-backlog]
Comment 3•7 years ago
|
||
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: -- → P1
Comment 4•7 years ago
|
||
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: P1 → P3
Reporter | ||
Updated•7 years ago
|
Assignee: julian.r.hector → nobody
Updated•3 years ago
|
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → INCOMPLETE
You need to log in
before you can comment on or make changes to this bug.
Description
•