Security/Sandbox/2017-10-19
From MozillaWiki
gcp
- bug 1386404 Stop allowing Linux content processes to access /tmp
- 57 regression hunting
  - nice bug where freeing 6000 nsTArrays hangs shutdown
  - minor feature breakage like addon compat and private browsing
haik
- bug 1404919 - Fonts don't display correctly since update due to content-process sandboxing on macOS
  - Landed, Beta uplift
- bug 1403260 - Remove access to print server from content process sandbox
  - Finishing up, should post for review today
  - Printing refactoring big job
- bug 1398908 - Add automated test that uses nonexistent script from extension JAR file
  - Landed
- bug 1393259 - Tighten font rules in the Mac content sandbox
  - A bit more research, needs more debugging
Alex_Gaynor
- bug 1319423 - Don't create files on disk from content from print IPC
  - Landed
  - Just this morning someone filed a regression in printing to PDF... so that's going to require some debugging
- Write up a plan for the macOS GPU lockdown work
- bug 1409747 - Fixed compilation on macOS with --disable-sandbox
- bug 1407693 - Don't create files from content process on process crash
  - Had a working patch, except the approach is non-workable for Windows, so back to the drawing board
bobowen
- bug 1400637 - Crash in mozilla::layers::ImageBridgeChild::InitForContent
  - Attempt to reduce occurrences by ... bug 1410073 - Load user32.dll immediately after the DLL Blocklist is in place.
- bug 1401095 - Can not open any web page if Firefox is launched from a new desktop
  - This appears to be broken from Fx50 (level 1); the alternate desktop actually fixes it, and I want to work out why.
- bug 1372823 - Extend BaseThreadInitThunk gatekeeping to support Windows 64-bit
  - Finally tracked down all gtest threading/timing issues and landed; hopefully fixes bug 1397301.
- bug 1407766 - Nightly 58 displays blank pages in the browser after Symantec Endpoint is installed
  - This was because we were blocking a DLL that they inject as a static import, and so we crash.
- Started working on Chromium sandbox update, hope to have patches up tomorrow.
jld
- Landed the bug 227246 workaround / fix for bug 1406971 and bug 678369 and bug 147659
  - Fixed ioctl fallout
    - bug 1408821 — FIONBIO, from audioipc
    - bug 1408498 — FIONREAD, from libgio inotify stuff (see below)
    - bug 1408493 — ALSA stuff
  - bug 1408568 — rejected syscall reporting XPCOM bindings assert-failed with file content processes
  - bug 1408487 — WebRTC STUN is still calling getifaddrs; filed bug
- Continuing to get old patches out of my local topic branches
  - bug 1320834 — prctl
  - bug 1328896 — fcntl
- Filed more chroot blockers
  - bug 1408497 — inotify; MIME service again
  - bug 1409895 — getcwd; probably just tests
  - bug 1409900 — statfs and quotactl; unsure because this goes back to the original strace-scraping
- Got audio remoting + bug 1385258 + future sandboxing semi-working on Try
  - Just did namespace/chroot, not corresponding seccomp-bpf tightening (yet)
  - chroot breaks a few tests because the cwd is different
    - I thought I saw someone recently suggest that CurWorkD shouldn't even exist...
  - pidns causes mysterious timeouts that I'm still trying to diagnose
    - opt-only, yay
handyman
- bug 1382251 - Brokering https in NPAPI process
  - Finishing up actor work
  - need to determine importance of shmem work
  - will punt on initial thread pool idea (could produce deadlocks without)
Round table
- Chromium site isolation is in release, preffed off, if anyone wants to experiment with it
  - They're doing a full trial on Canary right now: https://groups.google.com/a/chromium.org/d/msg/chromium-dev/qN9uEg5yBLA/Vw1RzT-5AQAJ
  - (When/how do they share processes among origins?)
    - https://twitter.com/nasko/status/920654140463661059