New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 795929 link

Starred by 1 user
Status: Untriaged
Owner: ----
Cc:
slangley@chromium.org
raymes@chromium.org
dcheng@chromium.org
editing-dev@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Feature



Sign in to add a comment

Check Clipboard permissions in the Browser process

Project Member Reported by garykac@chromium.org, Dec 18 2017 
For permissions that control access to a resource managed by the Browser (eg: system level features like clipboard), we should check the permission as close as possible to the resource usage.

This means checking the permission in the Browser process (in addition to or instead of the Renderer process).

Comment from dcheng@ (in https://chromium-review.googlesource.com/c/chromium/src/+/804973/1)
"""
Unfortunately, I think being able to do this is going to be some ways off. Today, the clipboard IPCs are not frame-scoped, so a compromised renderer could simply bypass the permissions checks altogether and just invoke the clipboard IPCs directly.

Fixing that would be a worthwhile followup once slangley@ is done simplifying clipboard.mojom. However, even then, there's another problem: edit commands are handled by the renderer, so it's the renderer that essentially initiates the request for pasting. So we would need to change this to be browser-driven as well and push the data from the browser down into the renderer on a paste, rather than the renderer going back up to the browser when it realizes it needs to do a paste. That would be a fairly involved change as well... so I think this is the best we can do for now.
"""

Comment 1 by raymes@chromium.org, Dec 18 2017

Summary: Check Clipboard permissions in the Browser process (was: Check permissions in the Browser process)

Comment 2 by yosin@chromium.org, Jan 9 2018

Components: -Blink>Editing Blink>Editing>Command
Status: Available (was: Untriaged)
How about WebView? Should do Blink check application permission?
Project Member

Comment 3 by sheriffbot@chromium.org, Jan 10

Labels: Hotlist-Recharge-Cold
Status: Untriaged (was: Available)
This issue has been Available for over a year. If it's no longer important or seems unlikely to be fixed, please consider closing it out. If it is important, please re-triage the issue.

Sorry for the inconvenience if the bug really should have been left as Available.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 4 by huangdarwin@chromium.org, Jan 10 

slangley@, is there a tracking bug or otherwise for the simplification of clipboard.mojom mentioned in this description? I assume that the clipboard.mojom mentioned is third_party/blink/public/mojom/clipboard/clipboard.mojom, and the work mentioned may have involved https://crrev.com/c/809824, but I'm not sure what it's current status is. Just curious if this bug can have a link to the mentioned work it's blocked on. Thanks!

Sign in to add a comment