Security/Sandbox/2018-01-18

From MozillaWiki

haik

gcp

  • bug 1430118 Child process logging doesn't work (again) when sandboxing is on
  • Problems attaching debugger to sandboxed content processes
  • bug 1386404 Stop allowing Linux content processes to access /tmp
  • investigating with #ateam, might be shutdown hang

Alex_Gaynor

  • bug 1407693 - Don't create files in crash reporter; working through failing tests
  • bug 1426807 - crash in printing with a11y on Windows; waiting for feedback
  • Reviewed Nika's process-per-origin doc

bobowen

  • bug 1423628 - Stop processing native events in the content process
    • bug 1396984 - Scrollbar becomes black on first connection of second screen
      • Tracked it down to failing NtGdiDrawStream calls in DrawThemeBackground, can't see why they're failing at the moment.
    • bug 1430744 - Stop processing native events in the content process on Windows in Nightly
      • Just realised my patch doesn't check for Nightly so need to add that and land.
  • bug 1421944 - Webrtc microphone input broken in Windows Insider Preview Build 17046
    • Fix in insider build and confirmed by original reporter.

jld

  • bug 1243108 - Tried to repro the sendmsg bug in rr; rr is (understandably) slow on it; failed to repro. Might try running in a loop overnight.
  • bug 1151624 - Realized why pid namespace isolation was failing on Try, after it failed locally while dogfooding
    • The profiler / BackgroundHangMonitor uses tgkill(getpid(), …); I remapped in seccomp-bpf, but that doesn't help pre-sandbox
    • (It got ESRCH, failed a debug-only assertion, and locked up in a complicated way involving 3 different threads)
  • bug 1401062 - The clone bug could land, but I'm deferring it until post-59-freeze
    • Risk would be GMP-only, so we could easily miss problems until release
  • bug 1430949 - Filed separate bug for network namespace isolation
    • Investigated with LD_PRELOAD shim whether we're doing other socket stuff pre-sandbox (e.g., DBus), but I see only X
  • bug 1386019 - Wrote the rest of the miscellaneous-audio-stuff patch
  • bug 1430274 - …and realized that I broke ALSA in 58, but there's a bug from a few days ago with a patch
  • …which Telemetry would've told us if we'd been monitoring it in a more organized way
    • I have some ideas for tooling here.

handyman

  • bug 1382251 - Brokering https in NPAPI process
    • landing (in 60)
  • bug 1429643 - Limit SSL brokering to 64-bit
    • ready
  • bug 1358372 - sndvol.exe shows multiple volume sliders for browser
    • WIP tests
    • Writing up the bug report for MS
  • bug 1411379 - Flash needs registry access to run updater at reboot
  • bug 1429032 - Flash cannot launch AIR installer
    • Not granting special permissions

Tor Dev Meeting - March 11th

- Especially https://bugzilla.mozilla.org/show_bug.cgi?id=1322426