Closed
Bug 820202
Opened 12 years ago
Closed 7 years ago
[tracker] Harden Message Manager protocols
Categories
(Core :: DOM: Device Interfaces, defect, P3)
Tracking
()
RESOLVED
FIXED
People
(Reporter: pauljt, Unassigned)
References
Details
(Keywords: meta)
This is a tracking bug to track the bugs identified as part of auditing the message manager protocols. The overall goal is to harden the message manager protocols, to limit what access a compromised child process can gain by sending spurious messages to the parent process.
|
Reporter | |
Comment 1•12 years ago
|
||
Note that DOM APIs missing parent permission checks will not be noted as part of this bug, since they are tracked under bug 776834.
|
|
Reporter | |
Comment 2•12 years ago
|
||
Quoting Jonas from bug 821671, since it is probably relevant to all of the bugs which block this:
---
Unfortunately I can't see how you in JS could check that the child process contains the app for a particular manifestURL.
What we probably need to do is to add a function on nsIPermissionChecker called something like assertContainsApp(manifestURL). The implementation would look a lot like assertPermission except that it wouldn't check in the permission database but rather check the url of the containing app.
---
|
|
Reporter | |
Comment 3•11 years ago
|
||
I believe that we are aiming for kernel sandbox to land on 1.2 (bug 790923). If that's the case, I think we should be pushing to resolve the bugs that blocked this metabug since they represent potential attacks from compromised child processes to the parent process. Some of them aren't so serious, but I will like to at least visit them and decide if they are going to block or not.
blocking-b2g: --- → leo?
|
||
Comment 4•11 years ago
|
||
1.2 is blocking-b2g:koi, no?
|
||
Comment 5•11 years ago
|
||
(In reply to Paul Theriault [:pauljt] from comment #3)
> I believe that we are aiming for kernel sandbox to land on 1.2 (bug 790923).
> If that's the case, I think we should be pushing to resolve the bugs that
> blocked this metabug since they represent potential attacks from compromised
> child processes to the parent process. Some of them aren't so serious, but I
> will like to at least visit them and decide if they are going to block or
> not.
I think you meant to nominate this to koi. We can't block on this for leo - it's too late at this point.
blocking-b2g: leo? → koi?
|
||
Comment 6•11 years ago
|
||
We don't normally block on tracking bugs so I've nommed all the blockers and removed the nom here.
blocking-b2g: koi? → ---
Summary: Harden Message Manager protocols → [tracker] Harden Message Manager protocols
|
|
Reporter | |
Updated•10 years ago
|
|
||
Updated•7 years ago
|
Priority: -- → P3
|
|
Reporter | |
Comment 7•7 years ago
|
||
This tracking bug isnt needed any more. Sandbox work is stracked under bug alias 'sandbox-sa'
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•