[Greasemonkey] Calling a page-defined function
Anthony Lieuallen
arantius at gmail.com
Tue Aug 15 10:57:41 EDT 2006
On 8/15/2006 6:22 AM, esquifit wrote:
> As far as I understand, unsafeWindow is 'only' unsafe with regard to
> built-in properties and methods ... Or am I missing something? Could
> the Deviation object be built in such a form as to detect whether it
> lives in the GM context, and thus potentially abuse some GM-API or
> even get chrome privileges?
Yes, it could.

Now, generally, it's not really unsafe, because generally the page is
not built to do such a thing. But, ever accessing *anything* in
unsafeWindow /could/ expose the privileged GM_ APIs to the content page,
if it is designed to try to do so.

The methods are complicated and difficult to understand, but if you're
curious, crawl around in the archives for the discussion around when the
0.3 branch was discovered to be insecure. The discussion over what the
problems were and what the solutions to them became will be enlightening.