Security/Sandbox/2014-09-18

From MozillaWiki

18 September 2014

Standup/status

  • Windows sandboxing
    • GMP/OpenH264/EME
      • Bug 1027906 (More restrictive sandbox policies for GMP/EME plugins) uplifted to beta
      • Working on a mechanism to let EME plugins list the DLLs that they need to use; those will be pre-loaded by the plugin process before dropping privileges (see bug 1066326)
    • Content
      • (Bob is on vacation)
      • cpearce concerned about running Windows DXVA in content or plugin sandbox. Chrome runs DXVA in a separate process?
      • For content sandboxing we can explore options; Chrome has a dedicated rendering process so that its content processes can be "untrusted" integrity level. IE uses "low" integrity level for its content processes, which I believe allows DXVA to work. We will probably go the "low" integrity level route at first, and consider other possibilities later
      • For EME/GMP plugin sandbox, we will likely use "low" integrity level if DXVA is a requirement
  • Linux/B2G
    • “sendmsg considered harmful”: unwanted resource access bug
      • (Maybe not a full escape, but definitely not good.)
      • have fix; needs breakpad patches; should be upstreamable
    • Conversion to the rest of Chromium's compiler mostly works, but I had to update a bunch of chromium/base…
    • create umbrella sandbox module for issues like shared code from chromium/base?
    • Note to self: file bug to stop crashing while crashing in GMP host.
  • Mac
    • Have received a code fragment from Adobe for testing, but need a GMP plugin in which to test it. Originally planned to use Chris Pearce's gmp-clearkey plugin with decrypt+decode capabilities. But the decode stuff is Windows-only. So might end up using the decrypt-only fork being worked on at bug 1044742, or perhaps Cisco's openh264 plugin.

Round table

  • Rename sandbox-dev to not confuse it with dev-sandbox?
  • Firefox 36 deadline (November 25) for Windows EME sandbox?

Actions

  • cpeterson to follow up on sandbox-dev about scheduling a separate meeting to discuss EME sandboxing with cpearce.
  • cpeterson to submit Service Now request to rename "sandbox-dev" to "sandbox-team"
  • cpeterson to clarify Firefox 36 deadline and Windows version (Vista? 7?) requirements