Red Hat Bugzilla – Bug 1261273
app is not hardened in any way
Last modified: 2015-10-01 08:11:49 EDT
Description of problem:
Firefox (really all Mozilla apps should be checked) is not hardened in any way. A browser is 50% of a client exploitable area, a mail app is the other half. GUESS WHAT? Both apps from Mozilla run the SAME CODE.
Yet there are LITTLE to NO hardening options on these apps. I have dropped the bug with Mozilla, but as usual with most of my bugs nobody seems to take me seriously.
Other apps such as KompoZer and IceCat may be affected as well.
Why do we accept code like this?
AND CAN we compile it hardened or must we reject the sources until we can harden it?
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Run check security script when Firefox is open
little to no hardening
These apps should be the most hardened, most type-checked applications ever. As always I recommend Pascal-esque languages for this BUT use C if you can pull it off.
Hasn't been done is an excuse. CANNOT be done means something else.
Firefox hardening has been fixed in Bug 1246287, is anything else needed?
I don't think so. 1246287? You one-lined it. And as far as I know, REDHAT team lead the way AGAIN. No other distro is using a hardened browser.
"We take security seriously" HMMMM........ I know y'all do.