Closed
Bug 776655
Opened 12 years ago
Closed 12 years ago
Don't trust app-id sent from child process when opening IDB databases
Categories
(Core :: Storage: IndexedDB, defect)
Core
Storage: IndexedDB
Tracking
()
RESOLVED
WONTFIX
blocking-basecamp | + |
People
(Reporter: cjones, Assigned: bent.mozilla)
References
Details
When we did cross-process IndexedDB, we punted on sanitizing the DB name that content processes ask the parent to open. Now that we have the mechanisms for capability checking, we need to apply them to IndexedDBs. I suspect this requires the data jar work, but I'm not 100% clear on the details.
Reporter | ||
Comment 1•12 years ago
|
||
Guys, we should figure out how this fits with "data jars". Assuming IDBs will be part of the data set, then we should basically get this out of the box --- we'll attempt to resolve the DB name in the app's storage area and it won't matter whether we trust name (beyond sanitizing malicious names like "../privegeledApp/otherDB").
Updated•12 years ago
|
blocking-basecamp: --- → +
Morphing this since once we have data-jars indexedDB databases will be per-app-id which means that all database names are allowed, as long as the child process is opening the database for the correct app.
Assignee: nobody → bent.mozilla
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → WONTFIX
Summary: Don't trust DB names handed back from content processes → Don't trust app-id sent from child process when opening IDB databases
You need to log in
before you can comment on or make changes to this bug.
Description
•