canmove, Confirmed users
1,220
edits
FirefoxOS/New security model: Difference between revisions
Jump to navigation
Jump to search
→Process isolation
(→Origins and cookie jars: correct a typo) |
Ptheriault (talk | contribs) |
||
| Line 90: | Line 90: | ||
</bugzilla> | </bugzilla> | ||
=== Process isolation | === Process isolation - {{Bug|1153428}} === | ||
In order to ensure that only signed content can access the APIs that it has been signed for, we want to always use separate child processes to run such content. | In order to ensure that only signed content can access the APIs that it has been signed for, we want to always use separate child processes to run such content. | ||
This means that when a user navigates from an unsigned page to a signed page, that we need to switch which process render the pages. Right now this can only be done by creating a new <iframe mozbrowser>. | This means that when a user navigates from an unsigned page to a signed page, that we need to switch which process render the pages. Right now this can only be done by creating a new <iframe mozbrowser>. | ||
| Line 107: | Line 102: | ||
We also need to change security checks that currently are done in the parent process. Currently many of them are heavily based on app-ids and installed apps. This may need to be changed. | We also need to change security checks that currently are done in the parent process. Currently many of them are heavily based on app-ids and installed apps. This may need to be changed. | ||
<bugzilla> | |||
{ | |||
"blocks": 1153428, | |||
"include_fields": "id, priority, summary, status, assigned_to,resolution", | |||
"order": "bug_id" | |||
} | |||
</bugzilla> | |||
=== Installing and updating === | === Installing and updating === | ||