[tor-commits] [tor-browser] 30/70: Bug 32418: Add a configure flag to load policies only from the local policies.json
gitolite role
git at cupani.torproject.org
Tue Aug 9 10:53:04 UTC 2022
This is an automated email from the git hooks/post-receive script.
pierov pushed a commit to branch tor-browser-102.0.1-12.0-1
in repository tor-browser.
commit 5eb9372b1ebef303a2010172861a3ad07aa207c0
Author: Pier Angelo Vendrame <pierov at torproject.org>
AuthorDate: Tue Jul 26 16:20:07 2022 +0200
Bug 32418: Add a configure flag to load policies only from the local policies.json
Add a configuration flag that makes the Enterprise Policies mechanism
consult only a local policies.json file (avoiding the Windows Registry, macOS's
file system attributes, and /etc/firefox/policies/policies.json on
other OSes).
We avoid system policies because their proxy settings override our
preferences, however updates can be disabled only with enterprise
policies, so we allow them from a local file as a trade off.
---
browser/config/mozconfigs/base-browser | 3 +++
.../components/enterprisepolicies/EnterprisePoliciesParent.jsm | 9 ++++++---
toolkit/modules/AppConstants.jsm | 7 +++++++
toolkit/modules/moz.build | 1 +
toolkit/moz.configure | 10 ++++++++++
5 files changed, 27 insertions(+), 3 deletions(-)
diff --git a/browser/config/mozconfigs/base-browser b/browser/config/mozconfigs/base-browser
index 9963ab7ef9e62..3281543dc71ab 100644
--- a/browser/config/mozconfigs/base-browser
+++ b/browser/config/mozconfigs/base-browser
@@ -26,6 +26,9 @@ ac_add_options --disable-parental-controls
# Let's make sure no preference is enabling either Adobe's or Google's CDM.
ac_add_options --disable-eme
ac_add_options --enable-proxy-bypass-protection
+# See bugs #30575 and #32418: system policies are harmful either because they
+# could allow proxy bypass, and override a number of other preferences we set
+ac_add_options --disable-system-policies
# Disable telemetry
ac_add_options MOZ_TELEMETRY_REPORTING=
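Review bot: The added comment above `--disable-system-policies` reads "harmful either because ... and override ...", so the "either" has no second alternative. It also does not say that policies are still honored from the local policies.json. Someone auditing this mozconfig could conclude that enterprise policies are off entirely, when the commit message says they are kept so that updates can be disabled. I would reword it to `# See bugs #30575 and #32418: system policies are harmful because they could allow proxy bypass and override a number of other preferences we set.` and add `# Policies are still read from the local policies.json.`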
diff --git a/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm b/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm
index bfb8c02573f22..1ec347ca3f5d1 100644
--- a/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm
+++ b/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm
@@ -140,9 +140,12 @@ EnterprisePoliciesManager.prototype = {
_chooseProvider() {
let platformProvider = null;
- if (AppConstants.platform == "win") {
+ if (AppConstants.platform == "win" && AppConstants.MOZ_SYSTEM_POLICIES) {
platformProvider = new WindowsGPOPoliciesProvider();
- } else if (AppConstants.platform == "macosx") {
+ } else if (
+ AppConstants.platform == "macosx" &&
+ AppConstants.MOZ_SYSTEM_POLICIES
+ ) {
platformProvider = new macOSPoliciesProvider();
}
let jsonProvider = new JSONPoliciesProvider();
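Review bot: In `_chooseProvider` the `AppConstants.MOZ_SYSTEM_POLICIES` test is repeated in each platform branch, and nothing at the call site explains why the platform providers are skipped. A single outer guard, `if (AppConstants.MOZ_SYSTEM_POLICIES) {` around the existing `win`/`macosx` chain, would keep the platform logic unchanged and leave one place to audit. Add a comment such as `// Built with --disable-system-policies: only the local policies.json is consulted, so OS-level policies cannot override proxy preferences.` The same comment would help at the `linux` check in `_getConfigurationFile` in the next hunk. The rest of `_chooseProvider` is outside this hunk, so how a null `platformProvider` is handled cannot be confirmed from here.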
@@ -526,7 +529,7 @@ class JSONPoliciesProvider {
_getConfigurationFile() {
let configFile = null;
- if (AppConstants.platform == "linux") {
+ if (AppConstants.platform == "linux" && AppConstants.MOZ_SYSTEM_POLICIES) {
let systemConfigFile = Cc["@mozilla.org/file/local;1"].createInstance(
Ci.nsIFile
);
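Review bot: The guard on the `linux` branch of `_getConfigurationFile` covers only the system-wide file that the commit message identifies as /etc/firefox/policies/policies.json, and the remainder of the function is outside this hunk. If any later branch selects the policies file from another externally controlled location, for example a path supplied through a preference, it should be confirmed that it cannot be reached in a `--disable-system-policies` build. Otherwise the proxy-override concern in the commit message still applies through that path. A regression test that builds with the flag disabled and asserts that only the local policies.json is opened would pin this behaviour.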
diff --git a/toolkit/modules/AppConstants.jsm b/toolkit/modules/AppConstants.jsm
index 7f8ac95dd9625..5799b78178aaf 100644
--- a/toolkit/modules/AppConstants.jsm
+++ b/toolkit/modules/AppConstants.jsm
@@ -453,6 +453,13 @@ this.AppConstants = Object.freeze({
false,
#endif
+ MOZ_SYSTEM_POLICIES:
+#ifdef MOZ_SYSTEM_POLICIES
+ true,
+#else
+ false,
+#endif
+
// Returns true for CN region build when distibution id set as 'MozillaOnline'
isChinaRepack() {
return (
diff --git a/toolkit/modules/moz.build b/toolkit/modules/moz.build
index 26acb92b37b7c..f8f65aef789e0 100644
--- a/toolkit/modules/moz.build
+++ b/toolkit/modules/moz.build
@@ -292,6 +292,7 @@ for var in (
"MOZ_ALLOW_ADDON_SIDELOAD",
"MOZ_BACKGROUNDTASKS",
"MOZ_SYSTEM_NSS",
+ "MOZ_SYSTEM_POLICIES",
"MOZ_UNSIGNED_APP_SCOPE",
"MOZ_UNSIGNED_SYSTEM_SCOPE",
"MOZ_UPDATE_AGENT",
diff --git a/toolkit/moz.configure b/toolkit/moz.configure
index 0dd52bd5203b7..a3dcca6909017 100644
--- a/toolkit/moz.configure
+++ b/toolkit/moz.configure
@@ -3210,3 +3210,13 @@ with only_when(compile_environment & depends(target.os)(lambda os: os != "WINNT"
set_define("HAVE_ARC4RANDOM", check_symbol("arc4random"))
set_define("HAVE_ARC4RANDOM_BUF", check_symbol("arc4random_buf"))
set_define("HAVE_MALLINFO", check_symbol("mallinfo"))
+
+# System policies
+# ==============================================================
+
+option(
+ "--disable-system-policies",
+ help="Disable reading policies from Windows registry, macOS's file system attributes, and /etc/firefox",
+)
+
+set_config("MOZ_SYSTEM_POLICIES", True, when="--enable-system-policies")
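Review bot: The `help` string for `--disable-system-policies` lists what is turned off but not what stays on, so `./configure --help` suggests the option disables enterprise policies altogether. It also abbreviates the Linux location to `/etc/firefox`, where the commit message names `/etc/firefox/policies/policies.json`. I would extend it to `help="Disable reading policies from Windows registry, macOS's file system attributes, and /etc/firefox/policies (the local policies.json is still read)"`. A short comment above `set_config` noting that the option is enabled by default, and that `MOZ_SYSTEM_POLICIES` is therefore unset only when `--disable-system-policies` is passed, would help readers unfamiliar with `option()` defaults.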
--