[tor-bugs] #16222 [Tor Browser]: Review networking code for Firefox 38
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Jun 19 20:28:41 UTC 2015
#16222: Review networking code for Firefox 38
-------------------------+-------------------------------------------------
     Reporter:  mikeperry   |      Owner:  mikeperry
         Type:  task        |     Status:  needs_review
     Priority:  normal      |  Milestone:
    Component:  Tor Browser |    Version:
   Resolution:              |   Keywords:  ff38-esr, tbb-5.0a3-essential,
                            |              TorBrowserTeam201506R, MikePerry201506
Actual Points:              |  Parent ID:
       Points:              |
-------------------------+-------------------------------------------------
Changes (by mikeperry):
* status: assigned => needs_review
* keywords: ff38-esr, tbb-5.0a3-essential, TorBrowserTeam201506,
MikePerry201506 => ff38-esr, tbb-5.0a3-essential,
TorBrowserTeam201506R, MikePerry201506
Comment:
Ok, I have finished auditing all of the Firefox socket/networking API
usage. My notes are here:
https://gitweb.torproject.org/tor-browser-spec.git/tree/audits/FF38_NETWORK_AUDIT
Everything that was suspicious/concerning is flagged with an XXX. Things
that I'd like another set of eyes on are marked with a - prefix. The set
of things I'm confident about are marked with a + prefix.
The following are things we want to keep an eye on in future releases
(marked with "+ XXX"):
* UDP push services (dom/push/PushService.jsm) are currently disabled,
but will use UDP and bypass proxy settings if enabled.
* The UDPSocket DOM API seems to be FxOS only for now, but can be enabled
on the desktop via the pref dom.udpsocket.enabled.
* Similarly, the mozTCPSocket DOM API is FxOS only, but will bypass proxy
settings and is also behind the pref dom.mozTCPSocket.enabled.
* Roku Screen Sharing is FxOS/Android only, but will bypass proxy
settings if enabled.
The following things could use a second set of eyes and a decision on what
to do (marked with "- XXX"):
* The WebIDE debugger (and possibly also parts of the webconsole
debugger?) seem to have remote debugging capabilities. Additionally, if
you use WebIDE in stock FF38, it downloads and installs an ADB addon and
some other addon called Valence. The pref devtools.webide.enabled will
disable WebIDE, but there are also prefs for devtools.debugger.enabled and
devtools.debugger.remote-enabled. I think we want to turn all of these
off, but it would be useful if someone else could verify that this is
sufficient and not overkill (I found some conflicting information about
remote debugging being available in FF33 vs FF39+, and it sure seems like
my FF38 at least has WebIDE UI to connect remotely).
* SimpleServiceDiscovery (related to Roku screen sharing) can also bypass
proxy settings, and I'm not 100% sure it's not compiled in on the desktop.
The moz.build files are a bit hard to follow here.
* The "WebappRT" (runtime for webapps? See
./mobile/android/chrome/content/WebappRT.js) can set a whole bunch of
prefs, including prefs that enable the DOM UDP/TCPSocket APIs. Can webapps
be installed on the desktop? Does doing so suddenly enable all of these
APIs?
* The "Dashboard service" (./netwerk/base/Dashboard.cpp) can bypass proxy
settings. What the hell is this thing? I don't see it being used anywhere
else in the code...
* What's the deal with the server sockets in gfx/layers/LayerScope.cpp?
Some websocket thing?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16222#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
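The comment above names several Firefox prefs that, when enabled, let traffic or remote debugging bypass the browser's proxy settings (dom.udpsocket.enabled, dom.mozTCPSocket.enabled, devtools.webide.enabled, devtools.debugger.enabled, devtools.debugger.remote-enabled). A practitioner checking a Tor Browser profile wants a quick way to confirm those prefs are actually set off. The script below is an added example, not part of the ticket or of Tor Browser's own code: it parses Firefox `prefs.js` / `user.js` lines of the form `user_pref("name", value);` and reports, for each pref named in the comment, whether it is set off, set on, or left unset (browser default). The sample `user.js` content is constructed for the example; the pref names come from the ticket, and the list is the ticket's, not a claim of completeness.

```python
import re

# Prefs named in the audit comment whose "true" state allows proxy bypass or
# remote debugging. The desired value for a Tor Browser profile is False.
# (List taken from the ticket; it is not a complete inventory of Firefox prefs.)
PROXY_BYPASS_PREFS = (
    "dom.udpsocket.enabled",
    "dom.mozTCPSocket.enabled",
    "devtools.webide.enabled",
    "devtools.debugger.enabled",
    "devtools.debugger.remote-enabled",
)

# Firefox pref files use: pref("name", value);  or  user_pref("name", value);
PREF_LINE = re.compile(r'^\s*(?:user_)?pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\);\s*$')

# Constructed sample user.js for this example (not from any real profile).
SAMPLE_USER_JS = """\
// Mozilla User Preferences (constructed sample)
user_pref("dom.udpsocket.enabled", false);
user_pref("dom.mozTCPSocket.enabled", true);
user_pref("devtools.webide.enabled", false);
user_pref("devtools.debugger.remote-enabled", true);
user_pref("network.proxy.socks", "127.0.0.1");
user_pref("network.proxy.socks_port", 9150);
"""


def parse_value(raw):
    """Convert the textual pref value to bool, int or str (quotes stripped)."""
    if raw == "true":
        return True
    if raw == "false":
        return False
    if len(raw) >= 2 and raw[0] == '"' and raw[-1] == '"':
        return raw[1:-1]
    try:
        return int(raw)
    except ValueError:
        return raw  # leave anything unexpected as-is for manual review


def parse_prefs(text):
    """Return {pref_name: value} for every pref(...) / user_pref(...) line."""
    prefs = {}
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped or stripped.startswith(("//", "#")):
            continue  # comment or blank line
        match = PREF_LINE.match(line)
        if match:
            prefs[match.group(1)] = parse_value(match.group(2))
    return prefs


def audit_prefs(prefs, watched=PROXY_BYPASS_PREFS):
    """Classify each watched pref: "ok" (explicitly false), "enabled" (true),
    or "unset" (absent, so the browser's built-in default applies and must be
    checked separately)."""
    findings = {}
    for name in watched:
        if name not in prefs:
            findings[name] = "unset"
        elif prefs[name] is True:
            findings[name] = "enabled"
        elif prefs[name] is False:
            findings[name] = "ok"
        else:
            findings[name] = "enabled"  # non-boolean value: treat as a finding
    return findings


if __name__ == "__main__":
    for pref, status in audit_prefs(parse_prefs(SAMPLE_USER_JS)).items():
        print(f"{status:8} {pref}")
```

Run against a real profile by reading its `user.js` or `prefs.js` into `parse_prefs`; anything reported as `enabled` or `unset` is what needs a second look, since an unset pref inherits whatever default the build ships.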