Security/Sandbox/2018-05-10
From MozillaWiki
« previous week | index | next week »
Contents
tjr
- MinGW Build: Great Progress!
- Debug and Opt builds seem to run fine locally
- Tests run in TC still fail. (Need to run them locally Bug 1458083)
- Need to clean up patches
- CFI Build
- Clang Bug: https://bugs.llvm.org/show_bug.cgi?id=37394
- Think I can work on some of the other bugs I've hit
- More Fission Work
- Pulling a thread on cross-origin SVG filters
jld
- I found the kernel bug! ??
- https://bugzilla.mozilla.org/show_bug.cgi?id=1243108#c48
- Found by code inspection once I'd narrowed down what was happening
- tl;dr: needs more locking
- Kernel bug action items:
- Report to Linux
- Commit a workaround
- Tell Chromium because they're doing the same thing
- …does Servo e10s need to worry?
- (*Our* IPC might be affected, but we don't create/destroy toplevel actors often so the chance of hitting this might be negligible.)
- Got a late start trying to write up something about the sandbox changes for 60
- bug 1460297 - A `sudo firefox` failure; a workaround exists; resolved
- Might want to post-facto relnote that.
- Tor Browser will be moving to ESR60 soon; see if there's anything post-60 they might want to backport.
bobowen
- bug 1455252 - Startup crash in CreateProcessAsUserW (mostly zh-CN)
- Looked through a lot of reports and some dumps, looks like various things messing up hooking.
- Disappeared w/c 23/4 - maybe a Windows update??
- Canvas remoting
- Different approach fixes some issues.
- Some things that crashed before now don't crash, but have black blocks overlaid.
- Also seem to have a memory leak or possibly slow to release memory.
- Sandbox sec bugs.
haik
- bug 1452278 - [Mac] Make nsOSHelperAppService::GetFromTypeAndExtension() not call OS MIME API's in content
- Generic MIMEInfo class, nsOSHelperAppService
- bug 1458553 - Return of Google Maps all black map with updated Nvidia web driver on Mac
- Mac telemetry
RoundTable
- Content Isolation charter
- mac osx research
- double check - only -central right? Not esr60?
- https://reviewboard.mozilla.org/r/209074/diff/3#index_header
- https://searchfox.org/mozilla-central/source/security/sandbox/mac/SandboxPolicies.h#363