Security/Sandbox/2017-05-04

From MozillaWiki

jld

  • Might need to leave a little early
  • From the crash reporter: I broke a11y, but it's fixed now
  • Also from the crash reporter: ESET
    • Annoying library-injecting AV: not just for Windows anymore.
    • fcntl F_GETFL crashing Widevine
      • harmless, but what will it do next?
    • Probably the source of the SysV message queue stuff in content
      • bug 1285902 - msgget, linked to it via out-of-band spreadsheet stuff
      • msgsnd seen in Telemetry from Aurora 54
        • (why does Telemetry not know about the current versions?)
    • Apparently a “server” product?
    • What are our options?

bobowen

  • bug 1351358 - Can't submit form to http(s) URL using POST method from a file:// page
    • Patches up for review, some questions but nothing major so far.
  • bug 1175267 - [e10s] about:addons page turns blank when opening XPI file
    • Think I know where I can extend my existing patch to pick up other code paths for this.

gcp

  • bug 1308400 - Construct a file broker policy for default-deny read access on the Linux Desktop
  • Swatted a few test failures
  • Ported the macOS patch to give read access to topsrcdir in developer builds
  • This would mean mochitests using SpecialPowers fail when packaged. Confirmed also on the mac build. Do we care?
  • Investigating remaining failures (it's still pretty orange)

Alex_Gaynor

  • bug 1361733 - In debug builds, don't allow writes to all of /var/private/folders
  • bug 1357758 - Switch the macOS sandbox from blacklisting a few directories to whitelisting everything we need
  • bug 1358223 - Hardcode minimum sandbox level on macOS and Windows
  • bug 1360223 - Failing test at level 3 on macOS

haik

  • bug 1334550 - Proxy moz-extension protocol requests to the parent process
    • Pinged Kris to review, he's working on it
    • Looked into off-main-thread I/O, hit assert, needs debugging
  • bug 1361304 - [Mac] Remove /private/var read access from level 3 Content Sandbox
    • Clean on try, added tests

handyman

  • bug 1361719 - Need to disable the GPU process sandbox for WebVR

roundtable

  • read restrictions test planning - Test Plan: https://wiki.mozilla.org/QA/file_read_access
    • Common:
      • Print to file, file uploads, bulk directory uploads
      • drag and drop of files into content
      • content file / page saves
      • WebExtensions
        • Popular WebExtensions still work
        • WebExtensions-developer use cases loading from home directory (i.e., about:debugging, then load both packed and unpacked extensions)
      • Loading URLs that spawn other applications
      • Printing
      • Running browser out of home directory, i.e., not installing it into a proper location such as /Applications (on Mac) or Program Files (Windows)
    • Plugins
      • Flash file pickers
    • Windows
      • Profile on network drive
      • Profile on symbolic link or junction point
      • Windows Users directory on junction point
        • especially printing with this
      • Virtual keyboard support
      • Accessibility
      • Roaming Windows user
      • Running from a network drive
    • Mac
    • Linux
      • Profile in symlinked dir
      • .config in symlinked dir
      • ~ (home) in symlinked dir
      • Various distros and desktop envs, Qt (with themes and GTK style engine) vs GTK
        • At the very least Fedora, Ubuntu and KDE and GNOME
  • bug 1358223 - Hard code minimum level - what should we do in telemetry/about:support regarding reporting the real pref setting and effective sandbox level? Might also be useful for this to include the environment variable for turning the sandboxes off - or maybe that should be separate telemetry.