Closed
Bug 88958
Opened 23 years ago
Closed 15 years ago
Add remote-admin-update into Mozilla (4.x "AutoUpdate")
Categories
(SeaMonkey :: UI Design, enhancement)
SeaMonkey
UI Design
Tracking
(Not tracked)
RESOLVED
EXPIRED
People
(Reporter: jpm, Assigned: jag+mozilla)
References
Details
Attachments
(2 files)
(deleted),
patch
|
Details | Diff | Splinter Review | |
(deleted),
patch
|
Details | Diff | Splinter Review |
Mozilla needs to be AutoUpdateable.
Reporter | ||
Updated•23 years ago
|
Priority: -- → P2
Target Milestone: --- → mozilla1.0
Reporter | ||
Comment 1•23 years ago
|
||
Need to create a better component than Browser-General for this.
QA Contact: doronr → hong
Need requirements for this functionality.
QA Contact: hong → rvelasco
Is this a gui thing or a guiless thing? assuming guiless and sending to xpapps.
Hoping my assumption is wrong. please provide a spec or start a newsthread in
n.p.m.<something> otherwise this bug is rather unusual and doesn't belong here.
Component: Browser-General → XP Apps
Updated•23 years ago
|
Keywords: nsenterprise
Comment 5•23 years ago
|
||
adding an initial patch for "AutoUpdate" functionality;
---
features :
1) has the functionality of downloading .xpi's and installing them;
2) it is a separate DLL
(can be merged with xpinstall, instead of a separate DLL)
---
New files :
1) nsAutoUpdateTrigger.cpp, nsAutoUpdateTrigger.h
2) nsSoftwareUpdate.cpp, nsSoftwareUpdate.h (modified to register 'AutoUpdate')
3) makefile.win, generates 'autoupdate' lib & dll.
other files are from 'xpinstall/src';
Comment 6•23 years ago
|
||
Comment 7•23 years ago
|
||
cc'ing dveditz for comments;
Comment 8•23 years ago
|
||
Comment 9•23 years ago
|
||
We're headed down the wrong path here. First, the "patch" appears to be a
complete copy of xpinstall, so it's impossible to tell what you changed. Second,
the test case shows that you added the new autoupdate object to the browser DOM
context, which is a **HUGE** security hole were we to implement this as-is.
**HUGE**
It cannot be overstated: this would be the holy grail of security holes, no need
for hackers to exploit tricky buffer overruns to get software to run on the
victim's machine.
Obviously the whole point of an install capability is to put software on someone
else's machine, but it is such a dangerous capability that we must be extremely
vigilant in making sure it can only be done in safe and controlled ways.
"AutoConfig" is another dangerous capability -- allowing some remote site to
control my prefs. Assuming we do proper security reviews on that and ensure
that's limited to controlled enterprise installations then it would be safe to
allow this "auto update" capability to happen in *that* already-secure context.
This will require hooks in the autoconfig context (who is doing that?) that can
talk to hooks in xpinstall, probably requiring some changes in both.
Comment 10•23 years ago
|
||
http://bugzilla.mozilla.org/show_bug.cgi?id=70348 is the bug for AutoConfig,
being worked on by Mitesh Shah. Thanks Dan for addressing some of the security
concerns!
Reporter | ||
Updated•23 years ago
|
Keywords: nsenterprise → nsenterprise+
Comment 11•23 years ago
|
||
Just so we're clear on this, the patch above cannot be checked in. We can't make
UI-less auto-update functionality available to untrusted web scripts.
Updated•23 years ago
|
QA Contact: rvelasco → lrg
Comment 13•23 years ago
|
||
This is not going to make emojo. Removing nsenterprise+.
Keywords: nsenterprise+
Comment 14•23 years ago
|
||
Autoupdate also needs to be writtern in JS like getLDAPAttributes() , see bug 75955.
Working on separating a JS context from Prefs so we can add this enterprise
related functionality to it (bug 89137)
Assignee: jpm → mitesh
Comment 15•23 years ago
|
||
*** Bug 101067 has been marked as a duplicate of this bug. ***
Comment 16•23 years ago
|
||
*** This bug has been marked as a duplicate of 23117 ***
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → DUPLICATE
Comment 17•23 years ago
|
||
Not a duplicate. bug 23117 is about checking for updates and notifying the user
when one is available (standard end-user stuff), this one is about enabling site
admins to remotely upgrade machines they're responsible for.
I've taken the liberty of updating the summary since this isn't the first time
people have tried to dupe the two.
Status: RESOLVED → REOPENED
Resolution: DUPLICATE → ---
Summary: Add AutoUpdate functionality into Mozilla → Add remote-admin-update into Mozilla (4.x "AutoUpdate")
Comment 18•23 years ago
|
||
Bugs targeted at mozilla1.0 without the mozilla1.0 keyword moved to mozilla1.0.1
(you can query for this string to delete spam or retrieve the list of bugs I've
moved)
Target Milestone: mozilla1.0 → mozilla1.0.1
Comment 19•23 years ago
|
||
mitesh is no longer with us. reassigning to default module owner. bug 113387
tracks the original list of mitesh bugs
Assignee: mitesh → pchen
Status: REOPENED → NEW
QA Contact: lrg → sairuh
Comment 20•23 years ago
|
||
-> default assignee
Assignee: pchen → trudelle
Target Milestone: mozilla1.0.1 → ---
Comment 21•23 years ago
|
||
severity->enhancement,cc sgehani, tpringle for input.
Severity: major → enhancement
Comment 22•23 years ago
|
||
This feature existed in the 4.x world and involves the prefs backend and install
world more than the XPApps world, IMHO.
Updated•23 years ago
|
Target Milestone: --- → Future
Comment 23•23 years ago
|
||
ccing gregg landskov.
Comment 24•22 years ago
|
||
Any chance to get this done in Buffy scope?
Comment 25•22 years ago
|
||
``Single Points of Internet 0wnership''
paper by Nicholas Weaver
http://www.cs.berkeley.edu/~nweaver/0wn2.html
explains why auto-updating is such a huge security risk.
Is there any way to have both auto-updating and also adequate security ?
Off the top of my head, say Mozilla only auto-updated from a https: server on
the local class-C network. Having to manually do something at one server for
every class-C network is much less work for the site admin than manually doing
something at every machine. Is the security risk in that case acceptable ?
Is there a security keyword ?
Updated•22 years ago
|
QA Contact: sairuh → paw
Comment 26•22 years ago
|
||
The way to do it would presumably be to have the updates be cryptographically
signed, and the administrator can decide which certificates are authorized to
update.
Comment 27•22 years ago
|
||
Any chance of seeing this kind of functionality finished off and added to the
nightly builds for testing?
Updated•20 years ago
|
Product: Core → Mozilla Application Suite
Updated•16 years ago
|
Assignee: trudelle → jag
Priority: P2 → --
QA Contact: pawyskoczka
Target Milestone: Future → ---
Comment 28•15 years ago
|
||
This bug report is registered in the SeaMonkey product, but has been without a comment since the inception of the SeaMonkey project. This means that it was logged against the old Mozilla suite and we cannot determine that it's still valid for the current SeaMonkey suite. Because of this, we are setting it to an UNCONFIRMED state.
If you can confirm that this report still applies to current SeaMonkey 2.x nightly builds, please set it back to the NEW state along with a comment on how you reproduced it on what Build ID, or if it's an enhancement request, why it's still worth implementing and in what way.
If you can confirm that the report doesn't apply to current SeaMonkey 2.x nightly builds, please set it to the appropriate RESOLVED state (WORKSFORME, INVALID, WONTFIX, or similar).
If no action happens within the next few months, we move this bug report to an EXPIRED state.
Query tag for this change: mass-UNCONFIRM-20090614
Status: NEW → UNCONFIRMED
Comment 29•15 years ago
|
||
This bug report is registered in the SeaMonkey product, but has been without a comment since the inception of the SeaMonkey project. This means that it was logged against the old Mozilla suite and we cannot determine that it's still valid for the current SeaMonkey suite. Because of this, we are setting it to an UNCONFIRMED state.
If you can confirm that this report still applies to current SeaMonkey 2.x nightly builds, please set it back to the NEW state along with a comment on how you reproduced it on what Build ID, or if it's an enhancement request, why it's still worth implementing and in what way.
If you can confirm that the report doesn't apply to current SeaMonkey 2.x nightly builds, please set it to the appropriate RESOLVED state (WORKSFORME, INVALID, WONTFIX, or similar).
If no action happens within the next few months, we move this bug report to an EXPIRED state.
Query tag for this change: mass-UNCONFIRM-20090614
Comment 30•15 years ago
|
||
This bug report is registered in the SeaMonkey product, but has been without a comment since the inception of the SeaMonkey project. This means that it was logged against the old Mozilla suite and we cannot determine that it's still valid for the current SeaMonkey suite. Because of this, we are setting it to an UNCONFIRMED state.
If you can confirm that this report still applies to current SeaMonkey 2.x nightly builds, please set it back to the NEW state along with a comment on how you reproduced it on what Build ID, or if it's an enhancement request, why it's still worth implementing and in what way.
If you can confirm that the report doesn't apply to current SeaMonkey 2.x nightly builds, please set it to the appropriate RESOLVED state (WORKSFORME, INVALID, WONTFIX, or similar).
If no action happens within the next few months, we move this bug report to an EXPIRED state.
Query tag for this change: mass-UNCONFIRM-20090614
Comment 31•15 years ago
|
||
This bug report is registered in the SeaMonkey product, but has been without a comment since the inception of the SeaMonkey project. This means that it was logged against the old Mozilla suite and we cannot determine that it's still valid for the current SeaMonkey suite. Because of this, we are setting it to an UNCONFIRMED state.
If you can confirm that this report still applies to current SeaMonkey 2.x nightly builds, please set it back to the NEW state along with a comment on how you reproduced it on what Build ID, or if it's an enhancement request, why it's still worth implementing and in what way.
If you can confirm that the report doesn't apply to current SeaMonkey 2.x nightly builds, please set it to the appropriate RESOLVED state (WORKSFORME, INVALID, WONTFIX, or similar).
If no action happens within the next few months, we move this bug report to an EXPIRED state.
Query tag for this change: mass-UNCONFIRM-20090614
Comment 32•15 years ago
|
||
This bug report is registered in the SeaMonkey product, but has been without a comment since the inception of the SeaMonkey project. This means that it was logged against the old Mozilla suite and we cannot determine that it's still valid for the current SeaMonkey suite. Because of this, we are setting it to an UNCONFIRMED state.
If you can confirm that this report still applies to current SeaMonkey 2.x nightly builds, please set it back to the NEW state along with a comment on how you reproduced it on what Build ID, or if it's an enhancement request, why it's still worth implementing and in what way.
If you can confirm that the report doesn't apply to current SeaMonkey 2.x nightly builds, please set it to the appropriate RESOLVED state (WORKSFORME, INVALID, WONTFIX, or similar).
If no action happens within the next few months, we move this bug report to an EXPIRED state.
Query tag for this change: mass-UNCONFIRM-20090614
Comment 33•15 years ago
|
||
This bug report is registered in the SeaMonkey product, but has been without a comment since the inception of the SeaMonkey project. This means that it was logged against the old Mozilla suite and we cannot determine that it's still valid for the current SeaMonkey suite. Because of this, we are setting it to an UNCONFIRMED state.
If you can confirm that this report still applies to current SeaMonkey 2.x nightly builds, please set it back to the NEW state along with a comment on how you reproduced it on what Build ID, or if it's an enhancement request, why it's still worth implementing and in what way.
If you can confirm that the report doesn't apply to current SeaMonkey 2.x nightly builds, please set it to the appropriate RESOLVED state (WORKSFORME, INVALID, WONTFIX, or similar).
If no action happens within the next few months, we move this bug report to an EXPIRED state.
Query tag for this change: mass-UNCONFIRM-20090614
Comment 34•15 years ago
|
||
This bug report is registered in the SeaMonkey product, but has been without a comment since the inception of the SeaMonkey project. This means that it was logged against the old Mozilla suite and we cannot determine that it's still valid for the current SeaMonkey suite. Because of this, we are setting it to an UNCONFIRMED state.
If you can confirm that this report still applies to current SeaMonkey 2.x nightly builds, please set it back to the NEW state along with a comment on how you reproduced it on what Build ID, or if it's an enhancement request, why it's still worth implementing and in what way.
If you can confirm that the report doesn't apply to current SeaMonkey 2.x nightly builds, please set it to the appropriate RESOLVED state (WORKSFORME, INVALID, WONTFIX, or similar).
If no action happens within the next few months, we move this bug report to an EXPIRED state.
Query tag for this change: mass-UNCONFIRM-20090614
Comment 35•15 years ago
|
||
MASS-CHANGE:
This bug report is registered in the SeaMonkey product, but still has no comment since the inception of the SeaMonkey project 5 years ago.
Because of this, we're resolving the bug as EXPIRED.
If you still can reproduce the bug on SeaMonkey 2 or otherwise think it's still valid, please REOPEN it and if it is a platform or toolkit issue, move it to the according component.
Query tag for this change: EXPIRED-20100420
Status: UNCONFIRMED → RESOLVED
Closed: 23 years ago → 15 years ago
Resolution: --- → EXPIRED
You need to log in
before you can comment on or make changes to this bug.
Description
•