To: edbrowse-dev@edbrowse.org
From: Karl Dahlke
Subject: [edbrowse-dev] interwindow bleed
Date: Mon, 09 Nov 2020 20:28:34 -0500

> surprised (and annoyed with myself) that I didn't think about this...

Yeah, me too. Ha ha.
It's a funny thing about security. If you're not thinking about it, you're really not thinking about it. Then when you do think about it, sometimes it only takes 5 minutes of thought to see the problems.
Like turning a light on.
It just came to me in the shower.

> Does that mean it won't be a "master window" without that built?

As of 3.7.7, and in production, it's just an empty object, unless you build the way I do, with EBDEMIN=1, then all our tracing and debugging and deminimization stuff goes in there.

> I hope it wasn't that bad.

Oh I didn't mean it in a bad way. I have chronic insomnia, or more accurately, non24, so if I have something interesting to work on at night, that's good.
It was a pretty easy change, actually, to build all our stuff in each window, rather than once in the master window.
It didn't take long to do that, and now windows are properly isolated, well, except for frames, and that's as it should be.

I've seen more and more sites use code like this:

    if(top != window) {
        // stop and don't do anything
    }

This guards against a security attack where your juicy site is pulled in as a frame of a larger site, maybe the frame is your bank, and you log in, and the larger site that owns this frame can dip in and see your login and password.
Well, top is the top window that has all the frames, and not the current window, which is your bank, so that simple test comparing top and window guards against interwindow bleed through the frame system.

Even if we can stay with duktape, which would be nice, I'm learning a lot by this project, c++ for example, now have a better feel for it, and the nuts and bolts of the SpiderMonkey api.
I've already confirmed it is up to date, and handles all the things that duktape doesn't.
And it led me to the security hole, so it's all good.

It would be really great if we could build either or both at will in the ongoing future, but I don't think we can.
The changes would spread outside of jseng_whatever.c and into three or four other C, perhaps having to become c++, files.
I'm losing some of my encapsulation.

Karl Dahlke
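
Added example, not part of the original message and not edbrowse code: a small JavaScript model of the two points in the message, support code built once in a master window versus rebuilt in each window, and the top != window frame test. The window objects, buildHelpers and every function name below are constructed for illustration.

```javascript
// Constructed model: a window is a plain object; a script receives its window.

// The support code every window needs (stands in for "all our stuff").
function buildHelpers() {
  return { seen: [], trace(msg) { this.seen.push(msg); } };
}

// Before: helpers built once in a master window, shared by reference.
function openShared(n) {
  const master = { helpers: buildHelpers() };
  return Array.from({ length: n }, () => ({ helpers: master.helpers }));
}

// After: helpers built again in each window.
function openIsolated(n) {
  return Array.from({ length: n }, () => ({ helpers: buildHelpers() }));
}

// A script in window A wraps a helper, as any page script may do to its globals.
function wrapTrace(win, captured) {
  const original = win.helpers.trace;
  win.helpers.trace = function (msg) {
    captured.push(msg);
    return original.call(this, msg);
  };
}

// True when a change made by window A's script is observable from window B.
function bleeds(open) {
  const [a, b] = open(2);
  const captured = [];
  wrapTrace(a, captured);
  b.helpers.trace("constructed value typed into window B");
  return captured.length === 1;
}

// Frames: every window in a frame tree shares the outermost window as `top`.
function openTop() {
  const w = { helpers: buildHelpers() };
  w.top = w; // a top-level window is its own top
  return w;
}
function addFrame(parent) {
  return { parent, top: parent.top, helpers: buildHelpers() };
}

// The test from the message: run only when this window is the top of its tree.
function mayRun(win) {
  return win.top === win;
}
```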