Confirmed users
1,983
edits
Security/Sandbox/Deny Filesystem Access: Difference between revisions
Jump to navigation
Jump to search
Security/Sandbox/Deny Filesystem Access (view source)
Revision as of 15:43, 1 August 2016
, 1 August 2016extension edits
(buglink) |
(extension edits) |
||
| Line 89: | Line 89: | ||
= Extension Notes = | = Extension Notes = | ||
{{bug|1288874}} - Decide on our story for file access from add-ons, post-sandboxing | |||
* Traditional XUL and sdk extensions will never run in a separate process (bug 1136407) | * Traditional XUL and sdk extensions will never run in a separate process ({{bug|1136407}}) | ||
* Legacy extensions do a majority of their file access in the parent | * Legacy extensions do a majority of their file access in the parent | ||
* Frame scripts are currently loaded by the content process directly | * Frame scripts are currently loaded by the content process directly | ||
* Extension write access? | * Extension write access issues? | ||
** Consensus is: <strong>This should always be accomplished through the parent process</strong> | ** Consensus is: <strong>This should always be accomplished through the parent process</strong> | ||
** Question: Are there extensions that try to do this from content that we'll break? | ** Question: Are there extensions that try to do this from content that we'll break? | ||
** Question: Other areas content process frame scripts might try to write to? | ** Question: Other areas content process frame scripts might try to write to? | ||
** Write to areas like $PROFILE/chrome/userContent.css | |||
** Extension directories that get created in the root profile directory: | ** Extension directories that get created in the root profile directory: | ||
*** $PROFILE/extension-data/* (uMatrix) | *** $PROFILE/extension-data/* (uMatrix) | ||