[tor-commits] [tor-browser] 34/73: Bug 32418: Add a configure flag to load policies only from the local policies.json

gitolite role git at cupani.torproject.org
Thu Jul 21 10:27:51 UTC 2022 

This is an automated email from the git hooks/post-receive script.

pierov pushed a commit to branch tor-browser-91.12.0esr-11.5-1
in repository tor-browser.

commit 178950ffd65b548c5d4297bbee60d118297ca84c
Author: Kathy Brade <brade at pearlcrescent.com>
AuthorDate: Thu Apr 16 17:07:09 2020 -0400

    Bug 32418: Add a configure flag to load policies only from the local policies.json
    
    Add a configuration flag to make Enterprise Policies mechanism only
    consult a policies.json file (avoiding the Windows Registry, macOS's
    file system attributes, and /etc/firefox/policies/policies.json on
    other OS).
    
    We avoid system policies because their proxy settings override our
    preferences, however updates can be disabled only with enterprise
    policies, so we allow them from a local file as a trade off.
---
 browser/config/mozconfigs/base-browser                 |  3 +++
 .../enterprisepolicies/EnterprisePoliciesParent.jsm    | 13 +++++++++++--
 toolkit/components/enterprisepolicies/moz.build        |  3 +++
 toolkit/moz.configure                                  | 18 ++++++++++++++++++
 4 files changed, 35 insertions(+), 2 deletions(-)

diff --git a/browser/config/mozconfigs/base-browser b/browser/config/mozconfigs/base-browser
index 9963ab7ef9e62..3281543dc71ab 100644
--- a/browser/config/mozconfigs/base-browser
+++ b/browser/config/mozconfigs/base-browser
@@ -26,6 +26,9 @@ ac_add_options --disable-parental-controls
 # Let's make sure no preference is enabling either Adobe's or Google's CDM.
 ac_add_options --disable-eme
 ac_add_options --enable-proxy-bypass-protection
+# See bugs #30575 and #32418: system policies are harmful either because they
+# could allow proxy bypass, and override a number of other preferences we set
+ac_add_options --disable-system-policies
 
 # Disable telemetry
 ac_add_options MOZ_TELEMETRY_REPORTING=
diff --git a/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm b/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm
index f5de14798de15..8022d65ab0b2d 100644
--- a/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm
+++ b/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm
@@ -4,6 +4,9 @@
 
 var EXPORTED_SYMBOLS = ["EnterprisePoliciesManager"];
 
+// If MOZ_AVOID_SYSTEM_POLICIES is defined, policies will be looked for only
+// in ${InstallDir}/distribution
+
 const { XPCOMUtils } = ChromeUtils.import(
   "resource://gre/modules/XPCOMUtils.jsm"
 );
@@ -13,9 +16,11 @@ const { AppConstants } = ChromeUtils.import(
 );
 
 XPCOMUtils.defineLazyModuleGetters(this, {
+#ifndef MOZ_AVOID_SYSTEM_POLICIES
   WindowsGPOParser: "resource://gre/modules/policies/WindowsGPOParser.jsm",
   macOSPoliciesParser:
     "resource://gre/modules/policies/macOSPoliciesParser.jsm",
+#endif
   Policies: "resource:///modules/policies/Policies.jsm",
   JsonSchemaValidator:
     "resource://gre/modules/components-utils/JsonSchemaValidator.jsm",
@@ -140,11 +145,13 @@ EnterprisePoliciesManager.prototype = {
 
   _chooseProvider() {
     let platformProvider = null;
+#ifndef MOZ_AVOID_SYSTEM_POLICIES
     if (AppConstants.platform == "win") {
       platformProvider = new WindowsGPOPoliciesProvider();
     } else if (AppConstants.platform == "macosx") {
       platformProvider = new macOSPoliciesProvider();
     }
+#endif
     let jsonProvider = new JSONPoliciesProvider();
     if (platformProvider && platformProvider.hasPolicies) {
       if (jsonProvider.hasPolicies) {
@@ -491,7 +498,7 @@ class JSONPoliciesProvider {
 
   _getConfigurationFile() {
     let configFile = null;
-
+#ifndef MOZ_AVOID_SYSTEM_POLICIES
     if (AppConstants.platform == "linux") {
       let systemConfigFile = Cc["@mozilla.org/file/local;1"].createInstance(
         Ci.nsIFile
@@ -504,7 +511,7 @@ class JSONPoliciesProvider {
         return systemConfigFile;
       }
     }
-
+#endif
     try {
       let perUserPath = Services.prefs.getBoolPref(PREF_PER_USER_DIR, false);
       if (perUserPath) {
@@ -585,6 +592,7 @@ class JSONPoliciesProvider {
   }
 }
 
+#ifndef MOZ_AVOID_SYSTEM_POLICIES
 class WindowsGPOPoliciesProvider {
   constructor() {
     this._policies = null;
@@ -686,3 +694,4 @@ class CombinedProvider {
     return false;
   }
 }
+#endif
diff --git a/toolkit/components/enterprisepolicies/moz.build b/toolkit/components/enterprisepolicies/moz.build
index 09d2046e1bd79..3f685d3fbbd66 100644
--- a/toolkit/components/enterprisepolicies/moz.build
+++ b/toolkit/components/enterprisepolicies/moz.build
@@ -19,6 +19,9 @@ if CONFIG["MOZ_WIDGET_TOOLKIT"] != "android":
     EXTRA_JS_MODULES += [
         "EnterprisePolicies.jsm",
         "EnterprisePoliciesContent.jsm",
+    ]
+
+    EXTRA_PP_JS_MODULES += [
         "EnterprisePoliciesParent.jsm",
     ]
 
diff --git a/toolkit/moz.configure b/toolkit/moz.configure
index 026e7fa7ba512..ffda1f21d7d64 100644
--- a/toolkit/moz.configure
+++ b/toolkit/moz.configure
@@ -2530,3 +2530,21 @@ def oxidized_breakpad(target):
 
 set_config("MOZ_OXIDIZED_BREAKPAD", True, when=oxidized_breakpad)
 set_define("MOZ_OXIDIZED_BREAKPAD", True, when=oxidized_breakpad)
+
+# Avoid system policies
+# ==============================================================
+
+option(
+    "--disable-system-policies",
+    help="Prevent reading policies from Windows registry, macOS's file system attributes, and /etc/firefox",
+)
+
+
+ at depends("--disable-system-policies")
+def system_policies(value):
+    if not value:
+        return True
+
+
+set_config("MOZ_AVOID_SYSTEM_POLICIES", system_policies)
+set_define("MOZ_AVOID_SYSTEM_POLICIES", system_policies)

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.

More information about the tor-commits mailing list