Security/Sandbox/Deny Filesystem Access

From MozillaWiki
< Security‎ | Sandbox
Revision as of 22:39, 16 May 2016 by Haftandilian (talk | contribs) (Initial version with table for status of filesystem sandbox in Nightly)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

A place for us to record everything we know about turning off filesystem access from the content process.

Status of filesystem access from the content process in Nightly:

Platform Status in Nightly
Windows TBD
OS X Some directories are read/write protected, but this will not provide real security until the bulk of the $HOME directory is fully write protected.

On OS X, the Firefox Profile directory is stored within ~/Library/Application Support/Firefox/Profiles/. ~/Library is read/write protected with a few exceptions for some specific subdirectories. Access to $HOME and other areas of the filesystem is not restricted. i.e., the content process can read and write to/from anywhere the OS permits: $HOME and temporary directories. The ~/Library read/write prevention could be bypassed because the rest of the $HOME is read/write accessible. For example, a compromised process could add malicious commands to ~/.login-type files to copy data from ~/Library when a user logs in.

Linux No filesystem policy enabled
Other No filesystem policy enabled
Retrieved from "https://wiki.mozilla.org/index.php?title=Security/Sandbox/Deny_Filesystem_Access&oldid=1132888"