Bug 1261273 - app is not hardened in any way
app is not hardened in any way
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: firefox (Show other bugs)
22
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Martin Stransky
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-09-09 01:59 EDT by Richard Jasmin
Modified: 2015-10-01 08:11 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-10-01 08:11:49 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Richard Jasmin 2015-09-09 01:59:37 EDT
Description of problem:
Firefox (really all mozilla apps should be checked) is not hardened in any way.A browser is 50% of a client exploitable area, a mail app is the other half.GUESS WHAT? both apps from mozilla run the SAME CODE.

Yet there is LITTLE to NONE hardening options on these apps. I have dropped the bug with mozilla, but as usual with most of my bugs nobody seems to take me seriously.

Other apps such as kompozer and Icecat may be affected as well.
Why do we accept code like this?

AND CAN we compile it hardened or must we reject the sources until we can harden it?

Version-Release number of selected component (if applicable):
21+

How reproducible:
ALWAYS

Steps to Reproduce:
1.run check security script when firefox is open

Actual results:
little to no hardening

Expected results:
These apps should be the most hardened most type checked applications ever.As always I recommend Pascal-esque languages for this BUT use C if you can pull it off.

Hasnt been done is an excuse. CANNOT be done means something else.
Comment 1 Martin Stransky 2015-09-09 03:17:05 EDT
Firefox hardening has been fixed in Bug 1246287, is there needed anything else?
Comment 2 Richard Jasmin 2015-09-09 19:33:36 EDT
I dont think so. 1246287? you one lined it.And as far as I know, REDHAT team lead the way AGAIN. No other distro is using hardened browser.
"We take security seriously" HMMMM........I know yall do.

Note You need to log in before you can comment on or make changes to this bug.