fix for 42387, r=dveditz

2000-07-20 01:16:15 +00:00 · 2000-07-20 01:16:15 +00:00 · 3706de2b9a
--- a/caps/include/nsScriptSecurityManager.h
+++ b/caps/include/nsScriptSecurityManager.h
@ -45,7 +45,7 @@
 #include "nsDOMPropEnums.h"
 #include "nsCOMPtr.h"

-class nsIPref;
+class nsISecurityPref;

 /////////////////////
 // nsIPrincipalKey //
@ -163,13 +163,13 @@ private:
    PrincipalPrefChanged(const char *pref, void *data);

    nsObjectHashtable *mOriginToPolicyMap;
-    nsIPref *mPrefs;
+    nsISecurityPref *mPrefs;
    nsIPrincipal *mSystemPrincipal;
    nsCOMPtr<nsIPrincipal> mSystemCertificate;
    nsSupportsHashtable *mPrincipals;
    PRBool mIsJavaScriptEnabled;
    PRBool mIsMailJavaScriptEnabled;
-    PRBool mIsAccessingPrefs;
+    PRBool mIsWritingPrefs;
    unsigned char hasDomainPolicyVector[(NS_DOM_PROP_MAX >> 3) + 1];
 };

--- a/caps/src/nsScriptSecurityManager.cpp
+++ b/caps/src/nsScriptSecurityManager.cpp
@ -25,7 +25,6 @@
 #include "nsScriptSecurityManager.h"
 #include "nsIServiceManager.h"
 #include "nsIScriptObjectOwner.h"
-#include "nsIPref.h"
 #include "nsIURL.h"
 #include "nsIJARURI.h"
 #include "nspr.h"
@ -36,6 +35,7 @@
 #include "nsCodebasePrincipal.h"
 #include "nsCertificatePrincipal.h"
 #include "nsAggregatePrincipal.h"
+#include "nsISecurityPref.h"
 #include "nsCRT.h"
 #include "nsXPIDLString.h"
 #include "nsIJSContextStack.h"
@ -552,7 +552,7 @@ nsScriptSecurityManager::CheckLoadURI(nsIURI *aFromURI, nsIURI *aURI,
            case PrefAccess:
                // Allow access if pref is set
                NS_ASSERTION(mPrefs,"nsScriptSecurityManager::mPrefs not initialized");
-                mPrefs->GetSecBoolPref("security.checkloaduri", &doCheck);
+                mPrefs->SecurityGetBoolPref("security.checkloaduri", &doCheck);
                if (!doCheck)
                    return NS_OK;
                // Otherwise fall through to Deny.
@ -1398,7 +1398,7 @@ nsScriptSecurityManager::nsScriptSecurityManager(void)
      mSystemPrincipal(nsnull), mPrincipals(nsnull), 
      mIsJavaScriptEnabled(PR_FALSE),
      mIsMailJavaScriptEnabled(PR_FALSE),
-      mIsAccessingPrefs(PR_FALSE)
+      mIsWritingPrefs(PR_FALSE)
 {
    NS_INIT_REFCNT();
    memset(hasDomainPolicyVector, 0, sizeof(hasDomainPolicyVector));
@ -1556,10 +1556,10 @@ nsScriptSecurityManager::GetSecurityLevel(nsIPrincipal *principal,
    PRInt32 secLevel;
    char *secLevelString;
 	nsresult rv;
-    rv = mPrefs->CopySecCharPref(prefName, &secLevelString);
+    rv = mPrefs->SecurityCopyCharPref(prefName, &secLevelString);
    if (NS_FAILED(rv)) {
        prefName += (isWrite ? ".write" : ".read");
-        rv = mPrefs->CopySecCharPref(prefName, &secLevelString);
+        rv = mPrefs->SecurityCopyCharPref(prefName, &secLevelString);
    }
    if (NS_SUCCEEDED(rv) && secLevelString) {
        if (PL_strcmp(secLevelString, "sameOrigin") == 0)
@ -1601,7 +1601,7 @@ nsScriptSecurityManager::CheckXPCPermissions(JSContext *aJSContext,
                PRBool allow = PR_FALSE;
                //XXX May want to store the value of the pref in a local,
                //    this will help performance when dealing with plugins.
-                rv = mPrefs->GetSecBoolPref("security.xpconnect.plugin.unrestricted", &allow);
+                rv = mPrefs->SecurityGetBoolPref("security.xpconnect.plugin.unrestricted", &allow);
                if (NS_SUCCEEDED(rv) && allow) 
                    return NS_OK;
            }
@ -1732,23 +1732,23 @@ nsScriptSecurityManager::SavePrincipal(nsIPrincipal* aToSave)
                             getter_Copies(deniedPrefName)  );
    if (NS_FAILED(rv)) return NS_ERROR_FAILURE;

-    mIsAccessingPrefs = PR_TRUE;
+    mIsWritingPrefs = PR_TRUE;
    if (grantedList)
-        mPrefs->SetSecCharPref(grantedPrefName, grantedList);
+        mPrefs->SecuritySetCharPref(grantedPrefName, grantedList);
    else
-        mPrefs->ClearSecUserPref(grantedPrefName);
+        mPrefs->SecurityClearUserPref(grantedPrefName);

    if (deniedList)
-        mPrefs->SetSecCharPref(deniedPrefName, deniedList);
+        mPrefs->SecuritySetCharPref(deniedPrefName, deniedList);
    else
-        mPrefs->ClearSecUserPref(deniedPrefName);
+        mPrefs->SecurityClearUserPref(deniedPrefName);

    if (grantedList || deniedList)
-        mPrefs->SetSecCharPref(idPrefName, id);
+        mPrefs->SecuritySetCharPref(idPrefName, id);
    else
-        mPrefs->ClearSecUserPref(idPrefName);
+        mPrefs->SecurityClearUserPref(idPrefName);

-    mIsAccessingPrefs = PR_FALSE;
+    mIsWritingPrefs = PR_FALSE;
    return mPrefs->SavePrefFile();
 }

@ -1827,7 +1827,7 @@ nsScriptSecurityManager::EnumeratePolicyCallback(const char *prefName,
                    return;
            }
            char *s;
-            if (NS_FAILED(mgr->mPrefs->CopySecCharPref(prefName, &s)))
+            if (NS_FAILED(mgr->mPrefs->SecurityCopyCharPref(prefName, &s)))
                return;
            char *q=s;
            char *r=s;
@ -1924,7 +1924,7 @@ struct EnumeratePrincipalsInfo {
    // this struct doesn't own these objects; consider them parameters on
    // the stack
    nsSupportsHashtable *ht;
-    nsIPref *prefs;
+    nsISecurityPref *prefs;
 };

 void
@ -1946,7 +1946,7 @@ nsScriptSecurityManager::EnumeratePrincipalsCallback(const char *prefName,
        return;

    char* id;
-    if (NS_FAILED(info->prefs->CopySecCharPref(prefName, &id))) 
+    if (NS_FAILED(info->prefs->SecurityCopyCharPref(prefName, &id))) 
        return;

    nsXPIDLCString grantedPrefName;
@ -1957,10 +1957,21 @@ nsScriptSecurityManager::EnumeratePrincipalsCallback(const char *prefName,
        return;

    char* grantedList = nsnull;
-    info->prefs->CopySecCharPref(grantedPrefName, &grantedList);
+    info->prefs->SecurityCopyCharPref(grantedPrefName, &grantedList);
    char* deniedList = nsnull;
-    info->prefs->CopySecCharPref(deniedPrefName, &deniedList);
+    info->prefs->SecurityCopyCharPref(deniedPrefName, &deniedList);

+    //-- Delete prefs if their value is the empty string
+    if ((!id || id[0] == '\0') || 
+        ((!grantedList || grantedList[0] == '\0') && (!deniedList || deniedList[0] == '\0')))
+    {
+        info->prefs->SecurityClearUserPref(prefName);
+        info->prefs->SecurityClearUserPref(grantedPrefName);
+        info->prefs->SecurityClearUserPref(deniedPrefName);
+        return;
+    }
+
+    //-- Create a principal based on the prefs
    static const char certificateName[] = "security.principal.certificate";
    static const char codebaseName[] = "security.principal.codebase";
    nsCOMPtr<nsIPrincipal> principal;
@ -2004,15 +2015,15 @@ nsScriptSecurityManager::JSEnabledPrefChanged(const char *pref, void *data)
 {
    nsScriptSecurityManager *secMgr = (nsScriptSecurityManager *) data;

-    if (NS_FAILED(secMgr->mPrefs->GetSecBoolPref(jsEnabledPrefName, 
-                                              &secMgr->mIsJavaScriptEnabled)))
+    if (NS_FAILED(secMgr->mPrefs->SecurityGetBoolPref(jsEnabledPrefName, 
+                                                      &secMgr->mIsJavaScriptEnabled)))
    {
        // Default to enabled.
        secMgr->mIsJavaScriptEnabled = PR_TRUE;
    }

-    if (NS_FAILED(secMgr->mPrefs->GetSecBoolPref(jsMailEnabledPrefName, 
-                                              &secMgr->mIsMailJavaScriptEnabled))) 
+    if (NS_FAILED(secMgr->mPrefs->SecurityGetBoolPref(jsMailEnabledPrefName, 
+                                                      &secMgr->mIsMailJavaScriptEnabled))) 
    {
        // Default to enabled.
        secMgr->mIsMailJavaScriptEnabled = PR_TRUE;
@ -2025,7 +2036,7 @@ int PR_CALLBACK
 nsScriptSecurityManager::PrincipalPrefChanged(const char *pref, void *data)
 {
    nsScriptSecurityManager *secMgr = (nsScriptSecurityManager *) data;
-    if (secMgr->mIsAccessingPrefs)
+    if (secMgr->mIsWritingPrefs)
        return 0;

    char* lastDot = PL_strrchr(pref, '.');
@ -2063,7 +2074,7 @@ nsScriptSecurityManager::InitFromPrefs()
 #endif

    nsresult rv;
-    NS_WITH_SERVICE(nsIPref, prefs, kPrefServiceCID, &rv);
+    NS_WITH_SERVICE(nsISecurityPref, prefs, kPrefServiceCID, &rv);
    if (NS_FAILED(rv))
        return NS_ERROR_FAILURE;

--- a/extensions/psm-glue/src/nsPSMComponent.cpp
+++ b/extensions/psm-glue/src/nsPSMComponent.cpp
@ -56,6 +56,7 @@
 #include "nsICertificatePrincipal.h"

 #include "nsIProtocolProxyService.h"
+#include "nsXPIDLString.h"

 #define PSM_VERSION_REG_KEY "/Netscape/Personal Security Manager"

@ -887,12 +888,26 @@ nsPSMComponent::VerifySignature(const char* aRSABuf, PRUint32 aRSABufLen,
                                  SSM_FID_CERT_FINGERPRINT, &fingerprint);
  if (result != CMTSuccess) return NS_ERROR_FAILURE;

+  CMTItem common;
+  result = CMT_GetStringAttribute(controlConnection, certID,
+                                  SSM_FID_CERT_COMMON_NAME, &common);
+  if (result != CMTSuccess) return NS_ERROR_FAILURE;
+
+  //-- Unique cert ID for caps module is common name + fingerprint
+  nsCAutoString uniqueID;
+  uniqueID = (char*)common.data;
+  uniqueID.Append('/');
+  uniqueID.Append((char*)fingerprint.data);
+  nsXPIDLCString uniqueIDChar;
+  uniqueIDChar = uniqueID.ToNewCString();
+  if (!uniqueIDChar) return NS_ERROR_OUT_OF_MEMORY;
+
  //-- Get a principal
  nsresult rv;
  NS_WITH_SERVICE(nsIScriptSecurityManager, secMan,
                  NS_SCRIPTSECURITYMANAGER_PROGID, &rv)
    if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
-  rv = secMan->GetCertificatePrincipal((char*)fingerprint.data,
+  rv = secMan->GetCertificatePrincipal(uniqueIDChar,
                                       aPrincipal);
  if (NS_FAILED(rv)) return rv;

@ -901,10 +916,6 @@ nsPSMComponent::VerifySignature(const char* aRSABuf, PRUint32 aRSABufLen,
  nsCOMPtr<nsICertificatePrincipal> certificate = do_QueryInterface(*aPrincipal, &rv);
  if (NS_FAILED(rv)) return NS_ERROR_FAILURE;

-  CMTItem common;
-  result = CMT_GetStringAttribute(controlConnection, certID,
-                                  SSM_FID_CERT_COMMON_NAME, &common);
-  if (result != CMTSuccess) return NS_ERROR_FAILURE;
  CMTItem subject;
  result = CMT_GetStringAttribute(controlConnection, certID,
                                  SSM_FID_CERT_SUBJECT_NAME, &subject);
@ -926,10 +937,10 @@ nsPSMComponent::VerifySignature(const char* aRSABuf, PRUint32 aRSABufLen,
    commonName.Append(' ');
    commonName.Append(orgUnitPos, orgUnitLen);
  }
-  char* commonChar = commonName.ToNewCString();
+  nsXPIDLCString commonChar;
+  commonChar = commonName.ToNewCString();
  if (!commonChar) return NS_ERROR_OUT_OF_MEMORY;
  rv = certificate->SetCommonName(commonChar);
-  Recycle(commonChar);
  return rv;
 }

--- a/extensions/psm-glue/src/nsSecureBrowserUIImpl.cpp
+++ b/extensions/psm-glue/src/nsSecureBrowserUIImpl.cpp
@ -58,7 +58,7 @@
 #include "nsINetSupportDialogService.h"
 #include "nsIPrompt.h"
 #include "nsICommonDialogs.h"
-#include "nsIPref.h"
+#include "nsISecurityPref.h"

 #include "nsIFormSubmitObserver.h"

@ -160,7 +160,7 @@ nsSecureBrowserUIImpl::Init(nsIDOMWindow *window, nsIDOMElement *button, nsIDOME
    mWindow         = window;

    nsresult rv = nsServiceManager::GetService( kPrefCID, 
-                                                NS_GET_IID(nsIPref), 
+                                                NS_GET_IID(nsISecurityPref), 
                                                getter_AddRefs(mPref));  
    if (NS_FAILED(rv)) return rv;

@ -518,7 +518,7 @@ nsSecureBrowserUIImpl::CheckProtocolContextSwitch( nsIURI* newURI, nsIURI* oldUR
        mSecurityButton->RemoveAttribute( NS_ConvertASCIItoUCS2("level") );
        mCertificateAuthorityDisplay->SetAttribute( NS_ConvertASCIItoUCS2("value"), NS_ConvertASCIItoUCS2("") );
        
-        if ((mPref->GetBoolPref(LEAVE_SITE_PREF, &boolpref) != 0))
+        if ((mPref->SecurityGetBoolPref(LEAVE_SITE_PREF, &boolpref) != 0))
            boolpref = PR_TRUE;
        
        if (boolpref) 
@ -541,7 +541,7 @@ nsSecureBrowserUIImpl::CheckProtocolContextSwitch( nsIURI* newURI, nsIURI* oldUR
                               &outCheckValue);

            if (!outCheckValue) {
-                mPref->SetBoolPref(LEAVE_SITE_PREF, PR_FALSE);
+                mPref->SecuritySetBoolPref(LEAVE_SITE_PREF, PR_FALSE);
                NS_WITH_SERVICE(nsIPSMComponent, psm, PSM_COMPONENT_PROGID, &res);
                if (NS_FAILED(res)) 
                    return res;
@ -552,7 +552,7 @@ nsSecureBrowserUIImpl::CheckProtocolContextSwitch( nsIURI* newURI, nsIURI* oldUR
    // check to see if we are going from an insecure page to a secure one.
    else if (isNewSchemeSecure && !isOldSchemeSecure)
    {
-        if ((mPref->GetBoolPref(ENTER_SITE_PREF, &boolpref) != 0))
+        if ((mPref->SecurityGetBoolPref(ENTER_SITE_PREF, &boolpref) != 0))
            boolpref = PR_TRUE;
        
        if (boolpref) 
@ -576,7 +576,7 @@ nsSecureBrowserUIImpl::CheckProtocolContextSwitch( nsIURI* newURI, nsIURI* oldUR

            if (!outCheckValue)
            {
-                mPref->SetBoolPref(ENTER_SITE_PREF, PR_FALSE);
+                mPref->SecuritySetBoolPref(ENTER_SITE_PREF, PR_FALSE);
                NS_WITH_SERVICE(nsIPSMComponent, psm, PSM_COMPONENT_PROGID, &res);
                if (NS_FAILED(res)) 
                    return res;
@ -608,7 +608,7 @@ nsSecureBrowserUIImpl::CheckMixedContext(nsIURI* nextURI)
        if (!mPref) return NS_ERROR_NULL_POINTER;

        PRBool boolpref;
-        if ((mPref->GetBoolPref(MIXEDCONTENT_PREF, &boolpref) != 0))
+        if ((mPref->SecurityGetBoolPref(MIXEDCONTENT_PREF, &boolpref) != 0))
            boolpref = PR_TRUE;

        if (boolpref && !mMixContentAlertShown) 
@ -632,7 +632,7 @@ nsSecureBrowserUIImpl::CheckMixedContext(nsIURI* nextURI)
                               &outCheckValue);

            if (!outCheckValue) {
-                mPref->SetBoolPref(MIXEDCONTENT_PREF, PR_FALSE);
+                mPref->SecuritySetBoolPref(MIXEDCONTENT_PREF, PR_FALSE);
                NS_WITH_SERVICE(nsIPSMComponent, psm, PSM_COMPONENT_PROGID, &rv);
                if (NS_FAILED(rv)) 
                    return rv;
@ -663,7 +663,7 @@ nsSecureBrowserUIImpl::CheckPost(nsIURI *actionURL, PRBool *okayToPost)
    PRBool boolpref = PR_TRUE;    

    // posting to a non https URL.
-    mPref->GetBoolPref(INSECURE_SUBMIT_PREF, &boolpref);
+    mPref->SecurityGetBoolPref(INSECURE_SUBMIT_PREF, &boolpref);
    
    if (boolpref) {
        NS_WITH_SERVICE(nsICommonDialogs, dialog, kCommonDialogsCID, &rv);
@ -691,7 +691,7 @@ nsSecureBrowserUIImpl::CheckPost(nsIURI *actionURL, PRBool *okayToPost)
                             okayToPost);

        if (!outCheckValue) {
-            mPref->SetBoolPref(INSECURE_SUBMIT_PREF, PR_FALSE);
+            mPref->SecuritySetBoolPref(INSECURE_SUBMIT_PREF, PR_FALSE);
            NS_WITH_SERVICE(nsIPSMComponent, psm, PSM_COMPONENT_PROGID, &rv);
            if (NS_FAILED(rv)) 
                return rv;
--- a/extensions/psm-glue/src/nsSecureBrowserUIImpl.h
+++ b/extensions/psm-glue/src/nsSecureBrowserUIImpl.h
@ -35,7 +35,7 @@
 #include "nsIStringBundle.h"
 #include "nsISecureBrowserUI.h"
 #include "nsIDocShell.h"
-#include "nsIPref.h"
+#include "nsISecurityPref.h"
 #include "nsIWebProgressListener.h"
 #include "nsIFormSubmitObserver.h"
 #include "nsIURI.h"
@ -76,7 +76,7 @@ protected:
    nsCOMPtr<nsIDOMElement>             mSecurityButton;
    nsCOMPtr<nsIDOMElement>             mCertificateAuthorityDisplay;
 	nsCOMPtr<nsIDocumentLoaderObserver> mOldWebShellObserver;
-    nsCOMPtr<nsIPref>                   mPref;
+    nsCOMPtr<nsISecurityPref>           mPref;
    nsCOMPtr<nsIStringBundle>           mStringBundle;
    
    nsCOMPtr<nsIURI>                    mCurrentURI;
--- a/modules/libpref/public/MANIFEST_IDL
+++ b/modules/libpref/public/MANIFEST_IDL
@ -2,4 +2,5 @@
 # This is a list of local files which get copied to the mozilla:idl directory
 #

-nsIPref.idl
+nsIPref.idl
+nsISecurityPref.idl
--- a/modules/libpref/public/Makefile.in
+++ b/modules/libpref/public/Makefile.in
@ -28,7 +28,7 @@ include $(DEPTH)/config/autoconf.mk

 MODULE		= pref

-XPIDLSRCS	= nsIPref.idl
+XPIDLSRCS	= nsIPref.idl nsISecurityPref.idl

 EXPORTS		= prefldap.h
 EXPORTS		:= $(addprefix $(srcdir)/, $(EXPORTS))
--- a/modules/libpref/public/makefile.win
+++ b/modules/libpref/public/makefile.win
@ -24,7 +24,7 @@ MODULE=pref
 DEPTH=..\..\.. 
 EXPORTS=prefldap.h

-XPIDLSRCS = .\nsIPref.idl
+XPIDLSRCS = .\nsIPref.idl .\nsISecurityPref.idl

 include <$(DEPTH)\config\config.mak>
 include <$(DEPTH)\config\rules.mak>
--- a/modules/libpref/public/nsIPref.idl
+++ b/modules/libpref/public/nsIPref.idl
@ -124,15 +124,6 @@ interface nsIPref : nsISupports {
  nsIFileSpec GetFilePref(in string pref);
  void SetFilePref(in string pref, in nsIFileSpec value, in boolean setDefault);

-  /* Security Prefs Access 
-     These are here to support nsScriptSecurityManager and are insecure if used elsewhere.
-     Please do not call these functions from elsewhere. 
-  */
-  [noscript] boolean GetSecBoolPref(in string pref);
-  [noscript] string CopySecCharPref(in string pref);
-  [noscript] void SetSecCharPref(in string pref, in string value);
-  [noscript] void ClearSecUserPref(in string pref_name);
-
  /* pref attributes */
  boolean PrefIsLocked(in string pref);

--- a/modules/libpref/public/nsISecurityPref.idl
+++ b/modules/libpref/public/nsISecurityPref.idl
@ -0,0 +1,45 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * The contents of this file are subject to the Netscape Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/NPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is mozilla.org code.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are
+ * Copyright (C) 1998 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s): 
+ */
+
+#include "nsIPref.idl"
+
+/*
+ * Interface for accessing preferences, bypassing the ususl security check
+ * on prefs starting with "security". This interface is used by caps and
+ * psm-glue, which need unchecked access to security prefs. 
+ * *PLEASE* do not call this interface from any other file, as this 
+ * would be insecure.
+ *
+ * THIS INTERFACE SHOULD NEVER BE MADE SCRIPTABLE 
+ */
+[uuid(94afd973-8045-4c6c-89e6-75bdced4209e)]
+interface nsISecurityPref : nsIPref {
+
+  boolean SecurityGetBoolPref(in string pref);
+  void SecuritySetBoolPref(in string pref, in boolean value);
+  string SecurityCopyCharPref(in string pref);
+  void SecuritySetCharPref(in string pref, in string value);
+  long SecurityGetIntPref(in string pref);
+  void SecuritySetIntPref(in string pref, in long value);
+  void SecurityClearUserPref(in string pref_name);
+
+};
--- a/modules/libpref/src/nsPref.cpp
+++ b/modules/libpref/src/nsPref.cpp
@ -33,7 +33,7 @@
 *                               use in OS2
 */

-#include "nsIPref.h"
+#include "nsISecurityPref.h"

 #include "nsIFileSpec.h"
 #include "nsIModule.h"
@ -93,7 +93,7 @@ static NS_DEFINE_CID(kSecurityManagerCID,   NS_SCRIPTSECURITYMANAGER_CID);
 static NS_DEFINE_CID(kStringBundleServiceCID, NS_STRINGBUNDLESERVICE_CID);

 //========================================================================================
-class nsPref: public nsIPref
+class nsPref: public nsISecurityPref
 //========================================================================================
 {
    NS_DECL_ISUPPORTS
@ -103,6 +103,7 @@ public:

    /* Use xpidl-generated macro to declare everything required by nsIPref */
    NS_DECL_NSIPREF
+    NS_DECL_NSISECURITYPREF

 protected:

@ -128,7 +129,7 @@ protected:
    nsresult useUserPrefFile();
    nsresult useLockPrefFile();
    nsresult getLockPrefFileInfo();
-    nsresult SecurePrefCheck(const char* aPrefName);
+    inline static nsresult SecurePrefCheck(const char* aPrefName);

    static nsPref *gInstance;
    
@ -465,21 +466,21 @@ nsresult nsPref::SecurePrefCheck(const char* aPrefName)
 //----------------------------------------------------------------------------------------
 {
    static const char securityPrefix[] = "security.";
-    if (PL_strnstr(aPrefName, securityPrefix, sizeof(securityPrefix)) == 0)
-        return NS_OK;
-        
-    // XXX: Need error reporting somehow.
-    nsresult rv;
-    NS_WITH_SERVICE(nsIScriptSecurityManager, secMan, kSecurityManagerCID, &rv);
-    if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
-    PRBool enabled;
-    rv = secMan->IsCapabilityEnabled("SecurityPreferencesAccess", &enabled);
-    if (NS_FAILED(rv) || !enabled)
-        return NS_ERROR_FAILURE;
+    if ((aPrefName[0] == 's' || aPrefName[0] == 'S') &&
+        PL_strncasecmp(aPrefName, securityPrefix, sizeof(securityPrefix)-1) == 0)
+    {
+        nsresult rv;
+        NS_WITH_SERVICE(nsIScriptSecurityManager, secMan, kSecurityManagerCID, &rv);
+        if (NS_FAILED(rv)) return NS_ERROR_FAILURE;
+        PRBool enabled;
+        rv = secMan->IsCapabilityEnabled("SecurityPreferencesAccess", &enabled);
+        if (NS_FAILED(rv) || !enabled)
+            return NS_ERROR_FAILURE;
+    }
    return NS_OK;
 }

-NS_IMPL_THREADSAFE_ISUPPORTS(nsPref, NS_GET_IID(nsIPref));
+NS_IMPL_THREADSAFE_ISUPPORTS2(nsPref, nsIPref, nsISecurityPref);

 //========================================================================================
 // nsIPref Implementation
@ -1043,15 +1044,22 @@ NS_IMETHODIMP nsPref::SetFilePref(const char *pref_name,
 }

 /*
- * Pref access without security check - these are here to support nsScriptSecurityManager.
- * Please don't call them from elsewhere.
+ * Pref access without security check - these are here
+ * to support nsScriptSecurityManager and psm_glue
+ * These functions are part of nsISecurityPref, not nsIPref.
+ * **PLEASE** do not call these functions from elsewhere
 */
-NS_IMETHODIMP nsPref::GetSecBoolPref(const char *pref, PRBool * return_val)
+NS_IMETHODIMP nsPref::SecurityGetBoolPref(const char *pref, PRBool * return_val)
 {
    return _convertRes(PREF_GetBoolPref(pref, return_val, PR_FALSE));
 }

-NS_IMETHODIMP nsPref::CopySecCharPref(const char *pref, char ** return_buf)
+NS_IMETHODIMP nsPref::SecuritySetBoolPref(const char *pref, PRBool value)
+{
+    return _convertRes(PREF_SetBoolPref(pref, value));
+}
+
+NS_IMETHODIMP nsPref::SecurityCopyCharPref(const char *pref, char ** return_buf)
 {
 #if defined(DEBUG_tao_)
    checkPref("CopyCharPref", pref);
@ -1059,12 +1067,22 @@ NS_IMETHODIMP nsPref::CopySecCharPref(const char *pref, char ** return_buf)
    return _convertRes(PREF_CopyCharPref(pref, return_buf, PR_FALSE));
 }

-NS_IMETHODIMP nsPref::SetSecCharPref(const char *pref,const char* value)
+NS_IMETHODIMP nsPref::SecuritySetCharPref(const char *pref, const char* value)
 {
    return _convertRes(PREF_SetCharPref(pref, value));
 }

-NS_IMETHODIMP nsPref::ClearSecUserPref(const char *pref_name)
+NS_IMETHODIMP nsPref::SecurityGetIntPref(const char *pref, PRInt32 * return_val)
+{
+    return _convertRes(PREF_GetIntPref(pref, return_val, PR_FALSE));
+}
+
+NS_IMETHODIMP nsPref::SecuritySetIntPref(const char *pref, PRInt32 value)
+{
+    return _convertRes(PREF_SetIntPref(pref, value));
+}
+
+NS_IMETHODIMP nsPref::SecurityClearUserPref(const char *pref_name)
 {
    return _convertRes(PREF_ClearUserPref(pref_name));
 }