mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-08 02:14:43 +00:00
Bug 1312101 - Part 1: Remove permission assertions through the message manager; r=baku
Since AddProcessChecker is going away, there's no point in these permission checks any more.
This commit is contained in:
parent
5d73eed001
commit
130dc996d0
@ -40,8 +40,6 @@ function debug(str) {
|
||||
|
||||
const kNotificationIconSize = 128;
|
||||
|
||||
const kDesktopNotificationPerm = "desktop-notification";
|
||||
|
||||
const kNotificationSystemMessageName = "notification";
|
||||
|
||||
const kDesktopNotification = "desktop-notification";
|
||||
@ -256,13 +254,6 @@ var AlertsHelper = {
|
||||
},
|
||||
|
||||
receiveMessage: function(aMessage) {
|
||||
if (!aMessage.target.assertAppHasPermission(kDesktopNotificationPerm)) {
|
||||
Cu.reportError("Desktop-notification message " + aMessage.name +
|
||||
" from a content process with no " + kDesktopNotificationPerm +
|
||||
" privileges.");
|
||||
return;
|
||||
}
|
||||
|
||||
switch(aMessage.name) {
|
||||
case kMessageAlertNotificationSend:
|
||||
this.showAlertNotification(aMessage);
|
||||
|
@ -153,11 +153,6 @@ var DownloadsAPI = {
|
||||
},
|
||||
|
||||
receiveMessage: function(aMessage) {
|
||||
if (!aMessage.target.assertPermission("downloads")) {
|
||||
debug("No 'downloads' permission!");
|
||||
return;
|
||||
}
|
||||
|
||||
debug("message: " + aMessage.name);
|
||||
|
||||
switch (aMessage.name) {
|
||||
|
@ -43,9 +43,6 @@ var Utils = {
|
||||
}
|
||||
|
||||
return mm;
|
||||
},
|
||||
checkPermissionForMM: function u_checkPermissionForMM(mm, permName) {
|
||||
return mm.assertPermission(permName);
|
||||
}
|
||||
};
|
||||
|
||||
@ -215,32 +212,7 @@ this.Keyboard = {
|
||||
},
|
||||
|
||||
receiveMessage: function keyboardReceiveMessage(msg) {
|
||||
// If we get a 'Keyboard:XXX'/'System:XXX' message, check that the sender
|
||||
// has the required permission.
|
||||
let mm;
|
||||
|
||||
// Assert the permission based on the prefix of the message.
|
||||
let permName;
|
||||
if (msg.name.startsWith("Keyboard:")) {
|
||||
permName = "input";
|
||||
} else if (msg.name.startsWith("System:")) {
|
||||
permName = "input-manage";
|
||||
}
|
||||
|
||||
// There is no permission to check (nor we need to get the mm)
|
||||
// for Form: messages.
|
||||
if (permName) {
|
||||
mm = Utils.getMMFromMessage(msg);
|
||||
if (!mm) {
|
||||
dump("Keyboard.jsm: Message " + msg.name + " has no message manager.");
|
||||
return;
|
||||
}
|
||||
if (!Utils.checkPermissionForMM(mm, permName)) {
|
||||
dump("Keyboard.jsm: Message " + msg.name +
|
||||
" from a content process with no '" + permName + "' privileges.\n");
|
||||
return;
|
||||
}
|
||||
}
|
||||
let mm = Utils.getMMFromMessage(msg);
|
||||
|
||||
// we don't process kb messages (other than register)
|
||||
// if they come from a kb that we're currently not regsitered for.
|
||||
@ -538,13 +510,6 @@ function InputRegistryGlue() {
|
||||
InputRegistryGlue.prototype.receiveMessage = function(msg) {
|
||||
let mm = Utils.getMMFromMessage(msg);
|
||||
|
||||
let permName = msg.name.startsWith("System:") ? "input-mgmt" : "input";
|
||||
if (!Utils.checkPermissionForMM(mm, permName)) {
|
||||
dump("InputRegistryGlue message " + msg.name +
|
||||
" from a content process with no " + permName + " privileges.");
|
||||
return;
|
||||
}
|
||||
|
||||
switch (msg.name) {
|
||||
case 'InputRegistry:Add':
|
||||
this.addInput(msg, mm);
|
||||
|
@ -141,10 +141,6 @@ this.NetworkStatsService = {
|
||||
},
|
||||
|
||||
receiveMessage: function(aMessage) {
|
||||
if (!aMessage.target.assertPermission("networkstats-manage")) {
|
||||
return;
|
||||
}
|
||||
|
||||
debug("receiveMessage " + aMessage.name);
|
||||
|
||||
let mm = aMessage.target;
|
||||
|
@ -176,22 +176,7 @@ this.PermissionSettingsModule = {
|
||||
let result;
|
||||
switch (aMessage.name) {
|
||||
case "PermissionSettings:AddPermission":
|
||||
let success = false;
|
||||
let errorMsg =
|
||||
" from a content process with no 'permissions' privileges.";
|
||||
if (mm.assertPermission("permissions")) {
|
||||
success = this._internalAddPermission(msg, false);
|
||||
if (!success) {
|
||||
// Just kill the calling process
|
||||
mm.assertPermission("permissions-modify-implicit");
|
||||
errorMsg = " had an implicit permission change. Child process killed.";
|
||||
}
|
||||
}
|
||||
|
||||
if (!success) {
|
||||
Cu.reportError("PermissionSettings message " + msg.type + errorMsg);
|
||||
return null;
|
||||
}
|
||||
this._internalAddPermission(msg, false);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
@ -78,12 +78,6 @@ this.PresentationDeviceInfoService = {
|
||||
},
|
||||
|
||||
receiveMessage: function(aMessage) {
|
||||
if (!aMessage.target.assertPermission("presentation-device-manage")) {
|
||||
debug("receive message " + aMessage.name +
|
||||
" from a content process with no 'presentation-device-manage' privileges.");
|
||||
return null;
|
||||
}
|
||||
|
||||
let msg = aMessage.data || {};
|
||||
let mm = aMessage.target;
|
||||
|
||||
|
@ -210,9 +210,6 @@ Object.assign(PushServiceParent.prototype, {
|
||||
this.notificationForOriginClosed(data);
|
||||
return;
|
||||
}
|
||||
if (!target.assertPermission("push")) {
|
||||
return;
|
||||
}
|
||||
if (name === "Push:ReportError") {
|
||||
this.reportDeliveryError(data.messageId, data.reason);
|
||||
return;
|
||||
|
@ -465,13 +465,7 @@ SecureElementManager.prototype = {
|
||||
return null;
|
||||
}
|
||||
|
||||
if (SE_IPC_SECUREELEMENT_MSG_NAMES.indexOf(msg.name) !== -1) {
|
||||
if (!msg.target.assertPermission("secureelement-manage")) {
|
||||
debug("SecureElement message " + msg.name + " from a content process " +
|
||||
"with no 'secureelement-manage' privileges.");
|
||||
return null;
|
||||
}
|
||||
} else {
|
||||
if (SE_IPC_SECUREELEMENT_MSG_NAMES.indexOf(msg.name) === -1) {
|
||||
debug("Ignoring unknown message type: " + msg.name);
|
||||
return null;
|
||||
}
|
||||
|
@ -1076,10 +1076,8 @@ var SettingsRequestManager = {
|
||||
case "Settings:Run":
|
||||
case "Settings:Finalize":
|
||||
this.checkSoftLockup();
|
||||
let kill_process = false;
|
||||
if (!msg.lockID) {
|
||||
Cu.reportError("Process sending request for lock that does not exist. Killing.");
|
||||
kill_process = true;
|
||||
}
|
||||
else if (!this.lockInfo[msg.lockID]) {
|
||||
if (DEBUG) debug("Cannot find lock ID " + msg.lockID);
|
||||
@ -1090,12 +1088,6 @@ var SettingsRequestManager = {
|
||||
}
|
||||
else if (mm != this.lockInfo[msg.lockID]._mm) {
|
||||
Cu.reportError("Process trying to access settings lock from another process. Killing.");
|
||||
kill_process = true;
|
||||
}
|
||||
if (kill_process) {
|
||||
// Kill the app by checking for a non-existent permission
|
||||
aMessage.target.assertPermission("message-manager-mismatch-kill");
|
||||
return;
|
||||
}
|
||||
default:
|
||||
break;
|
||||
@ -1111,7 +1103,6 @@ var SettingsRequestManager = {
|
||||
if (!SettingsPermissions.hasSomeReadPermission(aMessage.principal)) {
|
||||
Cu.reportError("Settings message " + aMessage.name +
|
||||
" from a content process with no 'settings-api-read' privileges.");
|
||||
aMessage.target.assertPermission("message-manager-no-read-kill");
|
||||
return;
|
||||
}
|
||||
this.addObserver(mm, aMessage.principal);
|
||||
@ -1126,7 +1117,6 @@ var SettingsRequestManager = {
|
||||
// kill.
|
||||
if (msg.lockID in this.settingsLockQueue) {
|
||||
Cu.reportError("Trying to queue a lock with the same ID as an already queued lock. Killing app.");
|
||||
aMessage.target.assertPermission("lock-id-duplicate-kill");
|
||||
return;
|
||||
}
|
||||
|
||||
|
@ -316,12 +316,6 @@ this.SystemUpdateService = {
|
||||
},
|
||||
|
||||
receiveMessage: function(aMessage) {
|
||||
if (!aMessage.target.assertPermission("system-update")) {
|
||||
debug("receive message " + aMessage.name +
|
||||
" from a content process with no 'system-update' privileges.");
|
||||
return null;
|
||||
}
|
||||
|
||||
let msg = aMessage.data || {};
|
||||
let mm = aMessage.target;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user