Closed
Bug 7257
Opened 26 years ago
Closed 15 years ago
Security review of chrome registration interface
Categories
(Core Graveyard :: Skinability, defect, P3)
Tracking
(Not tracked)
RESOLVED
INVALID
People
(Reporter: norrisboyd, Assigned: hjtoi-bugzilla)
References
Details
(Whiteboard: [sg:investigation])
Entering all security bugs and tasks for SeaMonkey into Buzilla for schedule
tracking.
Reporter | ||
Updated•26 years ago
|
Depends on: 7256
Summary: Security review of chrome registration interface → Security review of chrome registration interface
Reporter | ||
Updated•26 years ago
|
Target Milestone: M8
Reporter | ||
Updated•26 years ago
|
Status: NEW → ASSIGNED
Updated•26 years ago
|
Target Milestone: M8 → M9
Comment 1•26 years ago
|
||
has the review been completed during m8? rolling this tracking bug over to m9
Reporter | ||
Updated•26 years ago
|
Target Milestone: M9 → M11
Reporter | ||
Comment 2•26 years ago
|
||
Depends on 9682, which is M11.
Reporter | ||
Updated•26 years ago
|
Target Milestone: M11 → M12
Reporter | ||
Updated•25 years ago
|
Target Milestone: M12 → M14
Reporter | ||
Updated•25 years ago
|
Summary: Security review of chrome registration interface → [Feature] Security review of chrome registration interface
Target Milestone: M14 → M15
Reporter | ||
Comment 3•25 years ago
|
||
Push security review tasks off until M16.
Target Milestone: M15 → M16
Bulk moving all Browser Security bugs to new Security: General component. The
previous Security component for Browser will be deleted.
Component: Security → Security: General
Comment 5•25 years ago
|
||
Adding 'skins' keyword to selected chrome bugs. Please add any omissions.
Sorry for any mistakes...
Keywords: skins
Reporter | ||
Updated•25 years ago
|
Summary: [Feature] Security review of chrome registration interface → Security review of chrome registration interface
Target Milestone: M16 → M17
Reporter | ||
Updated•25 years ago
|
Keywords: beta2
Whiteboard: No review planned until feature is complete (post-nsbeta2)
Comment 8•25 years ago
|
||
Bulk reassigning most of norris's bugs to mstoltz.
Assignee: norris → mstoltz
Status: ASSIGNED → NEW
Comment 9•25 years ago
|
||
David,
Norris suggested I assign this one to you...could you take a look, or else
pass it on?
Assignee: mstoltz → hyatt
Comment 10•25 years ago
|
||
cc'ing myself.
Comment 11•25 years ago
|
||
Changing (post-nsbeta2) in Summary to read (post-PR2) so my "nsbeta2 in keyword
with no nsbeta2 in Summary" query will pick this bug up for PDT review.
Whiteboard: No review planned until feature is complete (post-nsbeta2) → No review planned until feature is complete (post-PR2)
Comment 12•25 years ago
|
||
[nsbeta2-]
Whiteboard: No review planned until feature is complete (post-PR2) → [nsbeta2-] No review planned until feature is complete (post-PR2)
Comment 15•25 years ago
|
||
This was never Hyatt's bug. My understanding is that the chrome registry
already exists. What is missing that needs security review?
Putting back on nsbeta2 radar, this review seems essential for skins to be safe.
Assignee: hyatt → mstoltz
Whiteboard: [nsbeta2-] No review planned until feature is complete (post-PR2) → No review planned until feature is complete
Target Milestone: M20 → ---
Comment 16•25 years ago
|
||
Putting on [nsbeta2-] radar.
Whiteboard: No review planned until feature is complete → [nsbeta2-] No review planned until feature is complete
Updated•25 years ago
|
Assignee: mstoltz → ben
Component: Security: General → Skinability
QA Contact: czhang → szhu
Whiteboard: [nsbeta2-] No review planned until feature is complete
Target Milestone: --- → M17
Comment 17•25 years ago
|
||
I'm reassigning this to Skinability so that it will catch the eye of someone who
knows this code. I'm happy to help with a security review but I need help from
someone who knows/owns this code. Can we set up a meeting time to do this review?
Comment 18•25 years ago
|
||
Removed NSBeta2- to trigger re-evaluation. I assume skins are nearing completion,
and we should have a security review before beta2 is released.
Comment 19•25 years ago
|
||
This is a bug for a review mtg. Not a blocker. Putting on [nsbeta2-] radar.
Whiteboard: [nsbeta2-]
Comment 20•25 years ago
|
||
*spam* changing QA to me for all skinability bugs (all 4 of them!)
QA Contact: szhu → BlakeR1234
Updated•25 years ago
|
Whiteboard: [nsbeta2-] → [nsbeta2-] [b3nav+]
Comment 21•25 years ago
|
||
Yes, we need to review this for beta 3. Ben, make sure we're following German's
spec here.
Priority: P3 → P1
Whiteboard: [nsbeta2-] [b3nav+] → [nsbeta2-][b3nav+]
Target Milestone: M17 → M20
Comment 22•25 years ago
|
||
nav triage team: changing [b3nav+] bugs to [nsbeta3+].
Whiteboard: [nsbeta2-][b3nav+] → [nsbeta2-][nsbeta3+]
Comment 23•25 years ago
|
||
what is required here? I'm only responsible for XUL/CSS stuff. this doesn't
sound like my bug.
Comment 24•25 years ago
|
||
I want to hold a brainstorming session on chrome/xul/css security this week. Ben,
this includes you.
Comment 25•25 years ago
|
||
ok, let me know when, preferably a day in advance as I don't often get in early
;)
Status: NEW → ASSIGNED
Comment 26•25 years ago
|
||
Adding nsbeta3 keyword to bugs which already have nsbeta3 status markings so
the queries don't get all screwed up.
Keywords: nsbeta3
Comment 27•25 years ago
|
||
mitch, I don't want this on my radar if I don't know what's going on. Tell me
what you want me to do or I'll close it :P
Priority: P1 → P4
Comment 28•25 years ago
|
||
I'll take this back. I've spoken to Hyatt a bit and he's calmed my fears a bit,
although a meeting might still be a good idea, when I have the time. Clearing the
+ for now.
Comment 29•25 years ago
|
||
jar suggested that mstoltz take this and if you run into any security fears,
create a new bug and nominate nsbeta3.
Comment 30•25 years ago
|
||
Removing nsbeta3 as this is a 'tracking" bug
Status: NEW → ASSIGNED
Keywords: nsbeta3
Comment 31•25 years ago
|
||
nsbeta3. It would be nice to bring this up at an architecture meeting, maybe.
Keywords: nsbeta3
Priority: P4 → P3
Comment 32•24 years ago
|
||
Unless you guys want me to dial in and listen to your meeting (I'll also accept
it if you pay to fly me to CA), I'm not sure how I'll verify that you guys had
a meeting about this. So, setting QA to mstoltz.
QA Contact: blakeross → mstoltz
Comment 35•24 years ago
|
||
Mitch, on 8/16 you said your fears were calmed a bit by talking to Hyatt. Is
there anything left to really do for this bug? Do you still need a skins person
to help do a review?
Whiteboard: [need info]
Comment 36•24 years ago
|
||
Yes. Mybe not for rtm, but soon.
Comment 37•24 years ago
|
||
PDT marking [rtm-] for this to-do item. If any serious bugs crop up as a result
of this review, please nominate them separately.
Whiteboard: [need info] → [rtm-]
Comment 38•24 years ago
|
||
Mass adding mozilla0.9 keyword (mass changing milestone doesn't seem to work).
Keywords: mozilla0.9
Comment 39•24 years ago
|
||
Mass changing milestone to Moz1.0 - stuff targeted for late spring/early summer.
Target Milestone: --- → mozilla1.0
Comment 40•23 years ago
|
||
Bugs targeted at mozilla1.0 without the mozilla1.0 keyword moved to mozilla1.0.1
(you can query for this string to delete spam or retrieve the list of bugs I've
moved)
Target Milestone: mozilla1.0 → mozilla1.0.1
Comment 41•23 years ago
|
||
don't move bugs that are in the 1.0 dependency tree. sorry.
Target Milestone: mozilla1.0.1 → mozilla1.0
Comment 42•23 years ago
|
||
Moving Netscape owned 0.9.9 and 1.0 bugs that don't have an nsbeta1, nsbeta1+,
topembed, topembed+, Mozilla0.9.9+ or Mozilla1.0+ keyword. Please send any
questions or feedback about this to adt@netscape.com. You can search for
"Moving bugs not scheduled for a project" to quickly delete this bugmail.
Target Milestone: mozilla1.0 → mozilla1.2
Updated•23 years ago
|
Target Milestone: mozilla1.2alpha → mozilla1.2beta
Comment 44•22 years ago
|
||
Might still be something to look for here; if we do any more security reviews.
Assignee: mstoltz → heikki
Status: ASSIGNED → NEW
Whiteboard: [rtm-] → [sg:investigation]
Updated•16 years ago
|
Product: Core → Core Graveyard
Updated•15 years ago
|
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•