Re: [cros-discuss] Questions about chrome-untrusted://


Mike Frysinger

Jul 27, 2020, 12:48:09 PM
to Dennis Lockhart, chromium...@chromium.org
[ chromium-os-discuss -> chromium-discuss ]

chrome-untrusted is fine for extensions.  but i can see how users might find it confusing.

this is coming from the browser and is changing across all systems, so kicking over to the browser group for visibility.
-mike

On Mon, Jul 27, 2020 at 11:38 AM DennisLfromGA <denny.l...@gmail.com> wrote:
I was hoping to get some explanation about what the prefix chrome-untrusted:// might mean.

I've seen questions in the Chromebook help forums and on sub-reddits mentioning it recently and just wanted to be able to alleviate any concerns about it if possible.

I saw mention of it in the links below and it sounds like it's just a way of showing a 'web app' as opposed to the 'nassh app/extension' but it's causing users to question it security-wise.

Secure Shell (stable) updated to 0.32 - Google Groups
https://groups.google.com/a/chromium.org/forum/#!msg/chromium-hterm/uc59dETZnss/2c3hdm26AgAJ

nassh/js/crosh.js - apps/libapps - Git at Google
https://chromium.googlesource.com/apps/libapps/+/master/nassh/js/crosh.js?autodive=0%2F

I'm probably just not understanding its implications.

Thanx,
~Denny

--
Chromium OS Discussion mailing list: chromium-...@chromium.org
View archives, change email options, or unsubscribe:
https://groups.google.com/a/chromium.org/group/chromium-os-discuss

Joel Hockey

Jul 31, 2020, 4:41:25 AM
to Mike Frysinger, Dennis Lockhart, chromium...@chromium.org
There is no security concern for running the apps that we host at chrome-untrusted:// such as the crostini terminal.  Despite the choice of words for that scheme name, the creation of that new scheme is in the interest of greater security.

When adding new features such as tab support for apps, we moved terminal from the chrome extension platform (chrome-extension://) to be much more like a more standard web app.  We decided not to use the existing chrome:// scheme for serving the content and controlling access to APIs, but to create the new chrome-untrusted scheme which has fewer capabilities (i.e. more secure).

From the Chrome OS host perspective, we do consider code running inside the container such as the bash shell to be 'untrusted' since this code is not under our control - this is why we are running it inside a VM to start with.  So when we run the crostini terminal, our design from the security perspective is to make sure that any code running in the terminal has the minimum possible access to the rest of the browser and system, which is what chrome-untrusted is for.

We also generally consider extensions running at chrome-extension:// to be untrusted, so there is no real change here.

Denny Lockhart

Jul 31, 2020, 4:41:39 AM
to Giovanni Ortuno Urquidi, Chromium-discuss, Joel Hockey, Mike Frysinger

Giovanni,

Thanx for the further explanation.

I still don't see these replies on either of the pages below:
Moved to:
I'm not sure if they failed the review process or if the delay is just days instead of hours.
Anyway, I suppose I'll wait a while longer and if I don't see anything I'll attempt to post them directly on the chromium-discuss link the discussion was moved to.

Thanks much everyone,
~Denny

On Tue, Jul 28, 2020 at 7:25 PM Giovanni Ortuno Urquidi <ort...@chromium.org> wrote:
Hey!

chrome-untrusted:// is a new scheme which we use to serve resources bundled with Chrome and which process external content.

The “-untrusted” suffix indicates that the WebUI processes external content, i.e. content not originating from Chrome itself. For example, rendering an image provided by users, parsing a PDF file, etc.

The “-untrusted” suffix does not mean the web page is designed to do malicious things, or users should not trust it. Instead, the “-untrusted” suffix is to signal to us, Chromium developers, that this page will process external content.

The scheme is an implementation detail of our internal pages and is not meant to mean anything to users.

Giovanni Ortuno Urquidi

Jul 31, 2020, 4:41:40 AM
to Chromium-discuss, denny.l...@gmail.com
Hey!

chrome-untrusted:// is a new scheme which we use to serve resources bundled with Chrome and which process external content.

The “-untrusted” suffix indicates that the WebUI processes external content, i.e. content not originating from Chrome itself. For example, rendering an image provided by users, parsing a PDF file, etc.

The “-untrusted” suffix does not mean the web page is designed to do malicious things, or users should not trust it. Instead, the “-untrusted” suffix is to signal to us, Chromium developers, that this page will process external content.

The scheme is an implementation detail of our internal pages and is not meant to mean anything to users.
