Confirmed users
1,983
edits
Security/Sandbox/Deny Filesystem Access: Difference between revisions
Security/Sandbox/Deny Filesystem Access (view source)
Revision as of 13:55, 4 August 2016
, 4 August 2016edits
(formatting) |
(edits) |
||
| Line 36: | Line 36: | ||
* OSX Filter rules restrict access to various areas of the system and $HOME | * OSX Filter rules restrict access to various areas of the system and $HOME | ||
* Linux: File broker will manage read access to various areas of the system. | * Linux: File broker will manage read access to various areas of the system. | ||
Sync file access from content: | |||
[https://bugzilla.mozilla.org/show_bug.cgi?id=922481#c7 Parser, layout, XBL, Js access files using file://] need to be researched. Most should be associated with loading content. Some of this code may be leveraged by extensions. Most of these are sync in nature, and some leverage the nsIFile interface. | |||
User content navigation: | User content navigation: | ||
* We plan to have a separate content process that will handle accessing local content. ({{bug|1147911}}) | * We plan to have a separate content process that will handle accessing local content. ({{bug|1147911}}) | ||
* Question: If file:// access is remoted to the parent, could the contents of the URL bar be used to determine the allowable scope and accept/reject files as necessary? (Discussed previously by :billm, :bobowen.) | * Question: If file:// access is remoted to the parent, could the contents of the URL bar be used to determine the allowable scope and accept/reject files as necessary? (Discussed previously by :billm, :bobowen.) | ||
Extensions: | Extensions: | ||
* Access to profile resources need to be restricted. This may break some extensions. We should file bugs on individual issues. | * Access to profile resources need to be restricted. This may break some extensions. We should file bugs on individual issues. | ||