User: Password:
|
|
Subscribe / Log in / New account

Firefox locks down the components directory

Firefox locks down the components directory

Posted Nov 26, 2009 5:06 UTC (Thu) by roelofs (guest, #2599)
Parent article: Firefox locks down the components directory

JSCtypes is a module that exposes C-compatible external library functions to JavaScript code.

On the face of it, that sounds very scary. Are we sure that it does so only for add-ons, not for embedded JS in web pages? (I don't know enough about JS in general and the specifically required Component.whatever call to be able to judge.)

Greg


(Log in to post comments)

Firefox locks down the components directory

Posted Nov 26, 2009 14:36 UTC (Thu) by nix (subscriber, #2304) [Link]

The docs explicitly say that it only works for chrome: I haven't checked
the code to see if this is enforced, but the FF hackers aren't complete
idiots so I suspect it is, since they went so far as to document it.

Firefox locks down the components directory

Posted Nov 27, 2009 11:33 UTC (Fri) by bangert (subscriber, #28342) [Link]

except that, in the past a number of privilege escalation bugs, elevating
code to chrome:/ level, have been present in FF?

Firefox locks down the components directory

Posted Nov 28, 2009 6:53 UTC (Sat) by njs (guest, #40338) [Link]

Sure, but IIUC chrome privileges *mean* you can do anything firefox can do, e.g. write to arbitrary files; turning this into a full-blown binary code injection is easy. JSCtypes doesn't sound like it lets you do anything you couldn't do before if you really wanted to and didn't care how much wreckage you left in your wake; it just makes it easier and supported.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds