Security/Sandbox/2017-11-02

Landed tmpdir handling, got backed out
bug 1386404 Stop allowing Linux content processes to access /tmp
Subtle issue (well maybe not so subtle) with env lifetimes
There's issue with leaktest as well, it seems to write logs to /tmp from the child and expects to collect them afterwards
Will need to rebase to jld patches

bug 1399787 - Create a new sandboxed process to run pdfium
- This is going to be used for PDF printing on Windows (and potentially all printing by going via PDF in the future).
- In review process.
bug 1412827 - Block Symantec DLLs causing ImageBridgeChild::InitForContent with alternate desktop.
- Landed this to try and reduce Crash in InitForContent bug 1400637.
- Looks like there has been a reduction, but there is probably a long tail of AVs still causing them.
- Need to decide if we want to let this roll to Beta and see how bad the problem is there. If not we should move Alternate Desktop to level 5 and let other things in level 4 roll out.
bug 1368268 - Crash in `anonymous namespace::ActiveVerifier::StartTracking
- Had another look at this, the crash level is now very low.
- Can't see how it is happening, possible change in chromium update will help.
bug 1409063 - FF 56.0.1 x64 on W7x64: now creating events in "Microsoft-Windows-Known Folders/ Operational" event log, "Error 0x80070005 occurred while creating known folder" for all known folders, upon each FF startup.
- I see similar errors to this and it could be sandbox related, but haven't had time to investigate further.
Chromium sandbox update.
- Had a few problems on try that are now all fixed.
- Tidying up patches now to get them ready for review, won't land until Fx59.

bug 1403260 - Remove access to print server from content process sandbox
- Landed
bug 1393259 - Tighten font rules in the Mac content sandbox
- Planning to use PBackground for messaging, use IO thread for reading font file
bug 1404298 - When Running Firefox Stable and Firefox Developer Edition together, eventually tabs begin crashing
- No luck with minidump so far, not sure it will be useful
- Reporter ran debug build which provided a bit more info
- Installed Sophos (Mac Antivirus) and testing locally

bug 1411115 - F_SETLK fcntl regression; fixed
Yak shaving sequence:
- bug 1409900 - statfs; backed out for getting the statfs64 args wrong; fixed and relanded
  - Resolved: file a bug so we can actually write tests for this kind of thing
- bug 1412480 - syscall argument size mistake; fixed (waiting for review)
- bug 1413312 - sched_get_priority_* mistake; sent patch
- bug 1413313 - scheduling pid/tid restrictions for content; investigated
  - Chromium did this, discovered later that priority changes were more broken than normal, & changed their threading APIs to accommodate
bug 1412480 - LaunchOptions; finally sent for review
bug 1412464 - inotify regression; fixed (waiting for review)
bug 1409895 - getcwd; found solution, maybe: change mochitests to chrome
Reviews (mainly /tmp blocking)
Had an opinion on the font bug (bug 1412090; BTW, that affects 57 and we probably can't land anything nontrivial now?)
- Resolved: relnotes it for 57
Also: discovered and filed bug 1412114 -

bug 1382251 - Brokering https in NPAPI process
- clang-static analyzer and mingw-gcc builds

Round table