This repository has been archived by the owner on Dec 27, 2023. It is now read-only.
problem of God mode #1
Comments
|
Hey,
Thanks for letting me know - I wasn't aware that they were planning / did
mitigate the attack which is pretty cool.
I'll have a closer look this weekend!
Cheers
Le dim. 7 juin 2020 à 11:27, rtfingc <notifications@github.com> a écrit :
… Hello, When reproduce cve-2019-11708, I found that in newer version of
firefox
turn_off_all_security_so_that_viruses_can_take_over_this_computer will
use read only page as below .
I cannot find any idea to trigger God Mode.
Do you have any idea?
inline bool IsInAutomation() {
if (!ReadOnlyPage::sInstance.mTurnOffAllSecurityPref) {
return false;
}
MOZ_RELEASE_ASSERT(AreNonLocalConnectionsDisabled());
return true;
}
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#1>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AALIORJUNV2QOJQ4UQPHC73RVPL2DANCNFSM4NXQHN3Q>
.
|
|
This has been introduced by:
https://hg.mozilla.org/mozilla-central/diff/ef01a12520ae39f25f6cfa3972c85e2b1deb1dcb/js/xpconnect/src/xpcpublic.h
about
4 months ago.
@rtfingc thank you for reporting the issue - I'll update the README this
week to reflect that this doesn't work anymore according to your tests :)
Cheers
Le mar. 9 juin 2020 à 18:12, Axel Souchet <axelscht@gmail.com> a écrit :
… Hey,
Thanks for letting me know - I wasn't aware that they were planning / did
mitigate the attack which is pretty cool.
I'll have a closer look this weekend!
Cheers
Le dim. 7 juin 2020 à 11:27, rtfingc ***@***.***> a écrit :
> Hello, When reproduce cve-2019-11708, I found that in newer version of
> firefox
> turn_off_all_security_so_that_viruses_can_take_over_this_computer will
> use read only page as below .
> I cannot find any idea to trigger God Mode.
> Do you have any idea?
>
> inline bool IsInAutomation() {
> if (!ReadOnlyPage::sInstance.mTurnOffAllSecurityPref) {
> return false;
> }
> MOZ_RELEASE_ASSERT(AreNonLocalConnectionsDisabled());
> return true;
> }
>
>
> —
> You are receiving this because you are subscribed to this thread.
> Reply to this email directly, view it on GitHub
> <#1>, or unsubscribe
> <https://github.com/notifications/unsubscribe-auth/AALIORJUNV2QOJQ4UQPHC73RVPL2DANCNFSM4NXQHN3Q>
> .
>
|
|
Just added a note in the README, thanks again for reporting! Cheers |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Hello, When reproduce cve-2019-11708, I found that in newer version of firefox
turn_off_all_security_so_that_viruses_can_take_over_this_computerwill use read only page as below .I cannot find any idea to trigger God Mode.
Do you have any idea?
The text was updated successfully, but these errors were encountered: