Motivation
Some controllers have the allowed action or event types for their RestrictedControllerMessenger set to string. This compromises allowlist security by enabling these controllers to gain unrestricted access to any external action or event.
Explanation
For all RestrictedControllerMessenger instances, the AllowedActions and AllowedEvents generic parameters should never be set to string; where they are, they should be narrowed to the correct union type of allowed actions or events. If there are no allowed actions or events, never is the appropriate type.
The following controllers are currently affected by this issue and need to be fixed:
- AccountsController: Fixed by fix: accounts controller events and actions #4021
- ApprovalController
- KeyringController
- NetworkController
- PermissionController
- SideEffectMessenger (allowed events typed as never)
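How a narrowed union, string, and never behave as the allowlist type, shown as an added example that is not code from this issue or from the project. It uses a simplified model rather than the RestrictedControllerMessenger API: `restrict`, `handlers`, `IsWide` and `ExampleController` are hypothetical names, and the handlers are constructed sample data.

```typescript
// Simplified model of a restricted messenger. Hypothetical: this is not the
// @metamask/base-controller implementation, and the handlers are constructed.
type Handler = () => unknown;
const handlers: Record<string, Handler> = {
  'ExampleController:getState': () => 'own-state',
  'NetworkController:getState': () => 'network-state',
  'KeyringController:signMessage': () => 'signature',
};

function restrict<Namespace extends string, Allowed extends string>(
  namespace: Namespace,
  allowed: readonly Allowed[],
) {
  return {
    // Own-namespace actions always pass; external ones must be in Allowed.
    call(action: `${Namespace}:${string}` | Allowed): unknown {
      const own = action.indexOf(`${namespace}:`) === 0;
      if (!own && allowed.indexOf(action as Allowed) === -1) {
        throw new Error(`Action not allowed: ${action}`);
      }
      const handler = handlers[action];
      if (!handler) {
        throw new Error(`No handler for: ${action}`);
      }
      return handler();
    },
  };
}

// Narrowed allowlist: Allowed is inferred as 'NetworkController:getState'.
const narrow = restrict('ExampleController', ['NetworkController:getState']);
// @ts-expect-error not in the allowlist union, so the call does not compile
const rejected = () => narrow.call('KeyringController:signMessage');

// Allowlist typed as string: any external action can be listed and called.
const wide = restrict<'ExampleController', string>('ExampleController', [
  'NetworkController:getState',
  'KeyringController:signMessage',
]);

// No allowed external actions: never leaves only the controller's own namespace.
const none = restrict<'ExampleController', never>('ExampleController', []);

// Guard usable in a type test: true only when an allowlist widened to string.
type IsWide<T> = string extends T ? true : false;
const flagged: [IsWide<string>, IsWide<'NetworkController:getState'>, IsWide<never>] =
  [true, false, false];
```

With the narrowed type, adding an external action requires changing the union, which is visible in review; with string, the same addition compiles without any type change.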