Security/Reviews/Firefox5/ReviewNotes/GIO


Date of Review: 2011.05.02

Item Reviewed

  • GIO/GVFS integration for opening sftp:// or smb:// URIs directly in Firefox under Gnome bug 494163

Background:

  • Only for GNOME; it replaces the gnome-vfs (gnomevfs) extension, which is currently compiled in by default
  • GNOME is deprecating the gnome-vfs APIs; GIO is the replacement
    • Support for sftp is probably fine; more leery of smb
      • These URIs are marked as dangerous to load (web content cannot load them), which mitigates the attack
    • Could be used to read across domains to gain information about the user's network via the browser (see the mitigation above)
    • No worse than an extension that adds a privileged protocol type
  • One difference: GIO is stateful, whereas GVFS is not

Issues Raised:

  • How are passwords handled?
    • Uses the Firefox password manager
  • Password could potentially be saved and replayed
    • No different risk from any other connection
  • This extends the attack surface to the internet on affected platforms; may require changes to SELinux versions for permissions
    • Out of our scope

Action Items:

  • None