Confirmed users
1,983
edits
Security/Sandbox/Deny Filesystem Access: Difference between revisions
Jump to navigation
Jump to search
Security/Sandbox/Deny Filesystem Access (view source)
Revision as of 16:44, 22 July 2016
, 22 July 2016edits
(add some plugin data) |
(edits) |
||
| Line 63: | Line 63: | ||
= Plugin File Access = | = Plugin File Access = | ||
* {{bug|1270018}} NS_APP_CONTENT_PROCESS_TEMP_DIR | |||
General | |||
* (FIXED) {{bug|1270018}} Create NS_APP_CONTENT_PROCESS_TEMP_DIR | |||
** Re-routes NS_OS_TEMP_DIR in the content process to a sandbox safe temp directory. | ** Re-routes NS_OS_TEMP_DIR in the content process to a sandbox safe temp directory. | ||
** Cleans up the directory on every restart. | ** Cleans up the directory on every restart. | ||
** [http://searchfox.org/mozilla-central/rev/496904277ce0143bc1a952f2eb2c7e6a81aa3d4d/dom/plugins/base/nsPluginHost.cpp#784 nsPluginHost::GetPluginTempDir] uses NS_APP_CONTENT_PROCESS_TEMP_DIR through NS_OS_TEMP_DIR. | ** [http://searchfox.org/mozilla-central/rev/496904277ce0143bc1a952f2eb2c7e6a81aa3d4d/dom/plugins/base/nsPluginHost.cpp#784 nsPluginHost::GetPluginTempDir] uses NS_APP_CONTENT_PROCESS_TEMP_DIR through NS_OS_TEMP_DIR. | ||
* {{bug|1284458}} nsPluginHost::GetPluginTempDir should return a sandbox writeable temp (Linux) | |||
* {{bug|1190032}} Sandbox failure in nsPluginHost::GetPluginTempDir (OSX) | Linux | ||
** | * (OPEN) {{bug|1284458}} nsPluginHost::GetPluginTempDir should return a sandbox writeable temp (Linux) | ||
** Currently not an issue since we do not restrict file access | |||
OSX | |||
* (FIXED) {{bug|1190032}} Sandbox failure in nsPluginHost::GetPluginTempDir (OSX) | |||
** Older bug that opened file access and new sub dir for GetPluginTempDir on OSX | |||
** This rule is now obsolete, superseded by the rule that allows access to NS_APP_CONTENT_PROCESS_TEMP_DIR. | |||
*** (OPEN) {{bug|1288774}} filed to remove this rule | |||