Mozilla 2/Protected mode: Difference between revisions

(16 intermediate revisions by the same user not shown)
Line 10: Line 10:
== Overview and Motivations ==
== Overview and Motivations ==


Integrity is a new Windows security concept introduced with Windows Vista. Securable objects within the system, including applications and their associated windows, directories and files, and registry keys, are associated with one of a limited set of integrity levels. These integrity restrictions are independent of user level security restrictions.
Integrity is a new Windows security concept introduced with Windows Vista. Securable objects within the system, including processes and their associated windows, directories and files, and registry keys, are associated with one of a limited set of integrity levels. These integrity restrictions are independent of user level security restrictions.


In general, Integrity applies the general rule of "no write-up", implying objects with lower integrity do not have write access to objects with a higher level. In addition, objects running at lower integrity levels often have "no read-up" rules applied as well which restrict access completely.
In general, Integrity applies the general rule of "no write-up", implying objects with lower integrity do not have write access to objects with higher integrity. In addition, objects running at much lower integrity levels often have "no read-up" rules applied for higher integrity objects which restrict access completely.


Firefox 2.0 currently runs at the default "medium" integrity level. The goal is to add support for running at both low and medium integrity without adversly effecting the browser's usability or user experience.
Firefox currently runs at a default "medium" integrity level. The goal is to add support for running at both the default medium and a low "protected mode" integrity level without adversely effecting the browser's usability or user experience. The decision of which integrity level Fx runs would be left to the user through a user pref or command line option.


Three broad goals summarize the work required:
Three broad goals summarize the work required:


* Research into the areas of the Fx codebase that will be affected in some way.
* Research the areas of the Mozilla codebase which would be affected by applications running at a "low" integrity.
* Add support for an exe launch shim ("broker") for Firefox which will facilitate better OS integration, including better, more secure protocol handling, application startup, and a more reliable DDE interface.
* Add support for a medium integrity launch shim ("broker") for Firefox. (bug 396196)
* Augment the functionality of the broker so that Firefox can interact with the system while running at a low integrity level.
* Augment the functionality of the broker to support interaction between a low integrity Firefox process and the os and applications running at higher integrity levels.


== Potential Areas Affected / Issues ==
== Potential Areas Affected / Issues ==
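Review bot: "effecting" in the third paragraph of the new revision should be "affecting" ("without adversely affecting the browser's usability"), and the last sentence of that paragraph reads better as "which integrity level Fx runs at". The broker bullets also mix "Fx", "Firefox" and "the os" (should be "the OS"); pick one name for the browser. Changing "applications" to "processes" in the first paragraph is the right correction, since it is the running process and its windows that carry an integrity level. One consequence worth stating in the overview: because the level is selected by a user pref or command line option rather than applied by default, a default install keeps running at medium integrity and gets none of the protected-mode restrictions described here.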
Line 31: Line 31:
* directory services (default locations)
* directory services (default locations)
* general file access - write access restrictions to %userprofile%\AppData\LocalLow
* general file access - write access restrictions to %userprofile%\AppData\LocalLow
* profile management
* profile management / migration
* drag and drop
* drag and drop
* copy paste
* copy paste
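Review bot: the "general file access" bullet is ambiguous as written: "write access restrictions to %userprofile%\AppData\LocalLow" reads as if LocalLow itself were off limits, whereas under the no-write-up rule in the overview a low integrity process can write there but not to the rest of the profile; suggest "write access limited to %userprofile%\AppData\LocalLow (the rest of the profile is read-only at low integrity)". The "copy paste" item would be clearer as "copy/paste (clipboard)", since clipboard exchange with higher integrity applications is exactly the kind of interaction the overview assigns to the broker.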