Security/Sandbox/2017-11-16

« previous week | index | next week »

gcp

• bug 1257276 Allow specification of environment variables when creating child processes
• bug 1386404 Stop allowing Linux content processes to access /tmp
• bug 1405877 Cubeb audioipc requires a named Unix-domain socket

bobowen

• bug 1400637 - Crash in mozilla::layers::ImageBridgeChild::InitForContent
  • Spiked again in Beta bug 1417959 filed to remove alternate desktop from level 4.
• bug 1403931 - USER_RESTRICTED for content.
  • Sandbox logging issues were caused by the sandbox. :-)
  • Making some progress on getting a running browser.

handyman

• bug 1382251 - Brokering https in NPAPI process
  • In reviews
• bug 1391414 - NPN_InvalidateRect broken when async drawing is disabled
  • Spoke with Jeromie (Adobe). Closed invalid.
• bug 1415162 - Set USER_LIMITED on NPAPI proc
• bug 1415160 - Set process mitigations on NPAPI proc
  • Building table of behaviors and Win32 APIs that fail under various sandbox settings

Alex_Gaynor

• bug 1407693 - weening crash reporter off creating files; almost ready to upload for review
• bug 1414834 - reland the print IPC changes! working with :bobowen to get it ready to land

haik

• bug 1393259 - Tighten font rules in the Mac content sandbox
  • Got MacOSFontEntry::GetFontRef() remoting through the parent
    • Is called from Stylo parallel style threads
  • Realized PBackground is not the right solution for this, need top level sync protocol
  • Prototype working, need to investigate some other code paths
• bug 1417242 - Some characters don't display anymore with new Firefox 57 while visiting lemonde.fr
  • User had old font installed in $HOME causing problem, fixed by user deleting old font
• bug 1417420 - Fonts don't display correctly with content sandboxing on macOS with Font Agent Pro font manager
  • Fixed by Jonathan, font manager needing whitelist entry

jld

• bug 1366701 - Stared at patches for Chromium update; mostly done with reviewing, I hope
• bug 1382251 - Started reviewing IPC change for NPAPI TLS brokering
• Looked at assorted regressions; they're all in the triage queue
  • Several from WebGL, including one that looks exactly like a bug we fixed
  • Yet another bug about font locations (although this one is maybe sort of our fault for using permissive broker logs instead of reading the FreeDesktop specs)
• bug 1401786 - Finally got LaunchOptions landed
• bug 1416177 - Tried to investigate heap-unclassified regression from font IPC change (tentatively blamed on IPC); didn't find anything conclusive
• bug 1401339 - Determined that it's not a sec bug on Linux & we can back that part out

Roundtable

• bug 1391252 - “Site Isolation” - mostly a web platform feature, but the spec refers to and recommends site isolation in the process sandbox sense
  • https://wicg.github.io/isolation/explainer.html

erahm

• Here to learn all about the file content process
• Follow up: memory impact