Closed
Bug 1498223
Opened 6 years ago
Closed 6 years ago
Removed security modules from "Device Manager" are not being added back by the policies.json file
Categories
(Firefox :: Enterprise Policies, defect)
Firefox
Enterprise Policies
Tracking
()
VERIFIED
FIXED
Firefox 64
Tracking | Status | |
---|---|---|
firefox-esr60 | 64+ | verified |
firefox62 | --- | unaffected |
firefox63 | --- | unaffected |
firefox64 | --- | verified |
People
(Reporter: emilghitta, Assigned: mkaply)
References
Details
Attachments
(2 files)
9.15 MB,
image/gif
|
Details | |
46 bytes,
text/x-phabricator-request
|
lizzard
:
approval-mozilla-esr60+
|
Details | Review |
[Affected versions]: Firefox 64.0a1 (BuildId:20181010235834) [Affected platforms]: Windows 10 64bit. macOS 10.13.6 [Preconditions] Windows: Enable the "SecurittyDevices" policy and load the kpkcs11.dll: Example: { "policies": { "SecurityDevices": { "arbitrary name": ".....\\kpkcs11.dll" } } } You can download the kpkcs11.dll file from here: https://drive.google.com/file/d/16qxHyTWwPLPd37kOUXvuYP7owg5g8C6R/view Mac: For macOS please use the following file: https://drive.google.com/drive/u/0/folders/1kYcrfJuu816wC9Nqj2L2eu4zqkMAN4if [Steps to reproduce]: 1. Launch Firefox. 2. Access the about:preferences page. 3. Click the "Security Devices" button from the "Certificates" section. 4. Unload the security device that was added from the policy. 5. Restart Firefox. 6. Repeat steps 2 and 3. [Expected result]: The security device is loaded back. [Actual result]: The security device is no longer loaded after being removed from the "Device Manager" by the user (even after restarting Firefox). [Notes] For further information regarding this issue please observe the attached screencast.
Assignee | ||
Comment 1•6 years ago
|
||
Side note, this is a 64-bit DLL so it has to be loaded in 64 bit Firefox for testing.
Comment 2•6 years ago
|
||
This is because this is a runOnce policy that requires some modification to be applied again (for example changing the name). I wonder if we should instead list the modules and re-add any that are missing, instead of runOnce
Assignee | ||
Comment 3•6 years ago
|
||
> I wonder if we should instead list the modules and re-add any that are missing, instead of runOnce
I'm looking at that now. I'm checking if we can query the modules easily.
Assignee | ||
Comment 4•6 years ago
|
||
Assignee | ||
Updated•6 years ago
|
Assignee: nobody → mozilla
Status: NEW → ASSIGNED
Pushed by mozilla@kaply.com: https://hg.mozilla.org/integration/autoland/rev/4e01769b6baf Always add security devices at startup if they aren't there. r=Felipe
Comment 6•6 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/4e01769b6baf
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → Firefox 64
Reporter | ||
Comment 7•6 years ago
|
||
This issue is verified fixed using Firefox 64.0a1(BuildId:20181014223729)on Windows 10 64bit and macOS 10.13.6
Status: RESOLVED → VERIFIED
Assignee | ||
Comment 8•6 years ago
|
||
Comment on attachment 9016707 [details] Bug 1498223 - Always add security devices at startup if they aren't there. [ESR Uplift Approval Request] If this is not a sec:{high,crit} bug, please state case for ESR consideration: Followup to bug 1493249. Change for policy to match Firefox 64 User impact if declined: Policy not available Fix Landed on Version: 64 Risk to taking this patch: Low Why is the change risky/not risky? (and alternatives if risky): Policy only. String or UUID changes made by this patch:
Attachment #9016707 -
Flags: approval-mozilla-esr60?
Comment 9•6 years ago
|
||
Comment on attachment 9016707 [details] Bug 1498223 - Always add security devices at startup if they aren't there. New enterprise policy, verified by QA, let's uplift for ESR60.
Attachment #9016707 -
Flags: approval-mozilla-esr60? → approval-mozilla-esr60+
Updated•6 years ago
|
Assignee | ||
Comment 11•6 years ago
|
||
https://hg.mozilla.org/releases/mozilla-esr60/rev/2f5803eed692c7ccad159e1c297da5dd7461419f
Flags: needinfo?(mozilla)
Updated•6 years ago
|
Reporter | ||
Comment 12•5 years ago
|
||
This is verified fixed using Firefox 60.3.1esr (provided in comment 11) on Windows 10 64bit and macOS 10.14
You need to log in
before you can comment on or make changes to this bug.
Description
•