The docs explicitly say that it only works for chrome: I haven't checked
the code to see if this is enforced, but the FF hackers aren't complete
idiots so I suspect it is, since they went so far as to document it.
Posted Nov 27, 2009 11:33 UTC (Fri) by bangert (subscriber, #28342)
except that, in the past, a number of privilege escalation bugs, elevating
code to chrome:/ level, have been present in FF?
Firefox locks down the components directory
Posted Nov 28, 2009 6:53 UTC (Sat) by njs (guest, #40338)
Sure, but IIUC chrome privileges *mean* you can do anything Firefox can do, e.g. write to arbitrary files; turning this into a full-blown binary code injection is easy. JSCtypes doesn't sound like it lets you do anything you couldn't do before if you really wanted to and didn't care how much wreckage you left in your wake; it just makes it easier and supported.