Closed
Bug 1218292
Opened 10 years ago
Closed 10 years ago
Without setting "developer-root" and "trusted-root" still can open nsec packages
Categories
(Firefox OS Graveyard :: Infrastructure, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: mlien, Unassigned)
References
Details
[Blocking Requested - why for this release]:
[Description]
Enable "network.http.enable-packaged-apps" and "network.http.signed-packages.enabled" but doesn't set "network.http.signed-packages.developer-root" and "network.http.signed-packages.trusted-root" still can open nsec packages
[Reproduce Steps]
1. Enable two preferences "network.http.enable-packaged-apps" and "network.http.signed-packages.enabled"
2. Do not set "network.http.signed-packages.developer-root" and "network.http.signed-packages.trusted-root"
3. Open nsec package, e.g., http://people.mozilla.org/~mlien/uitest_privileged.pak!//index.html
[Expected Result]
Cannot access nsec package because no permission key in device and no trusted origin as well
[Actual Result]
The first time will show file not found, refresh webpage again will show package successfully
[Build Information]
Build ID 20151025090221
Gaia Revision 1c6628ed1e40575e5ec3669ab6ef389d4ebeea65
Gaia Date 2015-10-23 17:01:43
Gecko Revision https://hg.mozilla.org/mozilla-central/rev/d53a52b39a95dced722cca90ac74529b66dd5253
Gecko Version 44.0a1
Device Name aries
Firmware(Release) 4.4.2
Firmware(Incremental) eng.worker.20151025.082115
Firmware Date Sun Oct 25 08:21:23 UTC 2015
Bootloader s1
[Reproduce Rate]
100%
|
Reporter | |
Updated•10 years ago
|
QA Whiteboard: [COM=NSec]
|
||
Comment 2•10 years ago
|
||
From what I heard from Mike, those packages failed for the first time, but can be opened when reload.
This is because cache are not cleared after verification failure.
Bug 1214079 is addressing this issue. Or we may even set this as a duplicate.
Depends on: 1214079
Flags: needinfo?(jhao)
|
||
Updated•10 years ago
|
blocking-b2g: 2.5? → ---
|
||
Comment 3•10 years ago
|
||
Mike, this bug should already be resolved. Please help to verify it, thanks.
|
|
Reporter | |
Comment 4•10 years ago
|
||
verify again with the latest build, it works as expected: no these two prefs won't allow user to access nsec packages
Build Information:
Build ID 20151113011841
Gaia Revision 4019a15121359c470765dd06e94850dd64cdf8d9
Gaia Date 2015-11-12 17:17:45
Gecko Revision https://hg.mozilla.org/mozilla-central/rev/0c648a1efbe06b5ec866ba058d18256b80808b46
Gecko Version 45.0a1
Device Name aries
Firmware(Release) 4.4.2
Firmware(Incremental) eng.worker.20151113.003716
Firmware Date Fri Nov 13 00:37:24 UTC 2015
Bootloader s1
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
|
|
||
Comment 5•10 years ago
|
||
Good. Thanks for verification, Mike.
You need to log in
before you can comment on or make changes to this bug.
Description
•