Security/Sandbox/Deny Filesystem Access: Difference between revisions

Cross-Platform Blockers
(Cross-Platform Blockers)
Line 28: Line 28:
! Bug !! What does it block? !! Why do we need it?
! Bug !! What does it block? !! Why do we need it?
|-
|-
| {{bug|922481}} e10s: remote the file:// protocol || Blocks disabling read access to $HOME and other locations ||
| {{bug|922481}} e10s: remote the file:// protocol || Blocks disabling '''read''' access to $HOME and other locations ||
# A compromised content process shouldn't be able to read arbitrary files, but when the user does File->Open or uses a file:/// URI, that must continue to work  
# A compromised content process shouldn't be able to read arbitrary files, but when the user does File->Open or uses a file:/// URI, that must continue to work  


Line 37: Line 37:
If file:// access is remoted to the parent, could the contents of the URL bar be used to determine the allowable scope and accept/reject files as necessary? (Discussed previously by :billm, :bobowen.)
If file:// access is remoted to the parent, could the contents of the URL bar be used to determine the allowable scope and accept/reject files as necessary? (Discussed previously by :billm, :bobowen.)
|-
|-
| {{bug|1090454}} Trigger print jobs from the parent instead of the child when printing from a remote browser || Blocks disabling write access to $HOME and other locations ||
| {{bug|1090454}} Trigger print jobs from the parent instead of the child when printing from a remote browser || Blocks disabling '''write''' access to $HOME and other locations ||
# For print-to-file (e.g., PDF, postscript).
# For print-to-file (e.g., PDF, postscript).
# For printing? (I don't understand the details of why printing requires writing to filesystem).  
# For printing? (I don't understand the details of why printing requires writing to filesystem).  
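Review bot: The second rationale item in the {{bug|1090454}} row, "For printing? (I don't understand the details of why printing requires writing to filesystem)", is still an open question, even though this revision now emphasises '''write''' access as the thing that row blocks. Either state why ordinary printing needs the content process to write to the filesystem, or move the question to the bug and leave only the print-to-file item, so the stated reason for keeping write access to $HOME is one a reader can check.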