Security/Sandbox/2017-05-04
From MozillaWiki
jld
- Might need to leave a little early
- From the crash reporter: I broke a11y, but it's fixed now
- bug 1361238 - re-allow accept4
- bug 1285816 - when we allowed it the first time
- the bug doesn't mention libatspi, but spreadsheets do
- bug 1361338 - the actual fix
- Also from the crash reporter: ESET
- Annoying library-injecting AV: not just for Windows anymore.
- fcntl F_GETFL crashing Widevine
- harmless, but what will it do next?
- Probably the source of the SysV message queue stuff in content
- bug 1285902 - msgget, linked to it via out-of-band spreadsheet stuff
- msgsnd seen in Telemetry from Aurora 54
- (why does Telemetry not know about the current versions?)
- Apparently a “server” product?
- What are our options?
bobowen
- bug 1351358 - Can't submit form to http(s) URL using POST method from a file:// page
- Patches up for review, some questions but nothing major so far.
- bug 1175267 - [e10s] about:addons page turns blank when opening XPI file
- Think I know where I can extend my existing patch to pick up other code paths for this.
gcp
- bug 1308400 - Construct a file broker policy for default-deny read access on the Linux Desktop
- Swatted a few test failures
- Ported the macOS patch to give read access to topsrcdir in developer builds
- This would mean mochitests using SpecialPowers fail when packaged. Confirmed also on the mac build. Do we care?
- Investigating remaining failures (it's still pretty orange)
Alex_Gaynor
- bug 1361733 - In debug builds, don't allow writes to all of /var/private/folders
- bug 1357758 - Switch the macOS sandbox from blacklisting a few directories to whitelisting everything we need
- bug 1358223 - Hardcode minimum sandbox level on macOS and Windows
- bug 1360223 - Failing test at level 3 on macOS
haik
- bug 1334550 - Proxy moz-extension protocol requests to the parent process
- Pinged Kris to review, he's working on it
- Looked into off-main-thread I/O, hit assert, needs debugging
- bug 1361304 - [Mac] Remove /private/var read access from level 3 Content Sandbox
- Clean on try, added tests
handyman
- bug 1361719 - Need to disable the GPU process sandbox for WebVR
roundtable
- OOP iframes - need to find owner
- proposed webextension changes related to file access - https://wiki.mozilla.org/WebExtensions/Filesystem#Engineering_Plan
- read access sandboxing is going to break running mochitests on packaged builds due to only whitelisting repo on dev builds
- ./mach mochitest --appname dist
- read restrictions test planning - Test Plan: https://wiki.mozilla.org/QA/file_read_access
- Common:
- Print to file, file uploads, bulk directory uploads
- drag and drop of files into content
- content file / page saves
- WebExtensions
- Popular WebExtensions still work
- WebExtensions-developer use cases loading from home directory (i.e., about:debugging then load both packed and unpacked extensions)
- Loading URLs that spawn other applications
- Printing
- Running browser out of home directory, i.e., not installing it into proper location such as /Applications (on Mac), or Program Files (Windows)
- Plugins
- Flash file pickers
- Windows
- Profile on network drive
- Profile on symbolic link or junction point
- Windows Users directory on junction point
- especially printing with this
- Virtual keyboard support
- Accessibility
- Roaming windows user
- Running from a network drive
- Mac
- Linux
- Profile in symlinked dir
- .config in symlinked dir
- ~ (home) in symlinked dir
- Various distros and desktop envs, Qt (with themes and GTK style engine) vs GTK
- At the very least Fedora, Ubuntu and KDE and GNOME
- Common:
- bug 1358223 - Hard code minimum level - what should we do in telemetry/about:support regarding reporting the real pref setting and effective sandbox level. Might also be useful for this to include the environment variable for turning the sandboxes off - or maybe that should be separate telemetry.