Open
Bug 1446549
Opened 7 years ago
Updated 2 years ago
nsIMIMEService implementations are not compatible with content sandboxing
Categories
(Core :: Security: Process Sandboxing, defect, P2)
Tracking
()
NEW
| Tracking | Status | |
|---|---|---|
| firefox61 | --- | affected |
People
(Reporter: haik, Assigned: haik)
References
Details
The nsIMIMEService implementations rely on getting information about installed applications and that is problematic when used from content processes. On Mac, the system libraries that are used to lookup the application used for MIME types depend on being able to read from /Applications which is blocked in content processes. This is a problem on Linux too. See Mac bug 1437281 and bug 1391186 and Linux bug 1382323 for examples. There are still some call sites that do MIME lookups in content. We should refactor our code so that content processes don't do MIME lookups OR, if they need to, we should remote the API's.
|
Assignee | |
Updated•7 years ago
|
|
||
Comment 1•7 years ago
|
||
For reference, bug 1434392 was indirectly caused by this — it was a regression caused by bug 1412464 which was a sandboxing workaround for the MIME service.
|
||
Updated•7 years ago
|
Priority: -- → P3
|
|
||
Updated•7 years ago
|
Priority: P3 → P2
|
|
Assignee | |
Updated•7 years ago
|
|
|
Assignee | |
Comment 2•5 years ago
|
||
Bug 1452278 remoted some of these problematic calls on macOS and went into Firefox 68. The plan with 1452278 was to enable it for all platforms after some soak time. This can be tested on other platforms by changing nsExternalHelperAppService::GetSingleton() to use nsOSHelperAppServiceChild for child processes like it does for Mac.
Assignee: nobody → haftandilian
|
||
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•