202
edits
Security/Sandbox/Deny Filesystem Access: Difference between revisions
Jump to navigation
Jump to search
Security/Sandbox/Deny Filesystem Access (view source)
Revision as of 07:31, 9 June 2016
, 9 June 2016→Cross-Platform Blockers
Haftandilian (talk | contribs) No edit summary |
Haftandilian (talk | contribs) |
||
| Line 29: | Line 29: | ||
|- | |- | ||
| {{bug|922481}} e10s: remote the file:// protocol || Blocks disabling read access to $HOME and other locations || | | {{bug|922481}} e10s: remote the file:// protocol || Blocks disabling read access to $HOME and other locations || | ||
# A compromised content process shouldn't be able to read arbitrary files, but when the user does File->Open or uses a file:/// URI, that must continue to work | # A compromised content process shouldn't be able to read arbitrary files, but when the user does File->Open or uses a file:/// URI, that must continue to work | ||
Another approach to this is to open file:// URI's in the chrome process. | Another approach to this is to open file:// URI's in the chrome process. | ||
If a content process that has read or write access to a local file (even indirectly through the parent) shouldn't also be used for web content, it follows that more than one content process would be needed. See {{bug|1147911}} Use a separate content process for file:// URLs. | |||
If file:// access is remoted to the parent, could the contents of the URL bar be used to determine the allowable scope and accept/reject files as necessary? (Discussed previously by :billm, :bobowen.) | |||
|- | |- | ||
| {{bug|1090454}} Trigger print jobs from the parent instead of the child when printing from a remote browser || Blocks disabling write access to $HOME and other locations || | | {{bug|1090454}} Trigger print jobs from the parent instead of the child when printing from a remote browser || Blocks disabling write access to $HOME and other locations || | ||