Standup/Status

Content Sandboxing
- bug 1136238 - started looking at changing the moreStrict prefs to an int "level" pref. I'll probably change the Mac one at the same time.

GMP/EME Sandboxing
- EME is being uplifted to Beta 37 for testing. Are there any sandboxing patches that need to be uplifted, too?
  - Bob will uplift some process mitigations in 38 to 37.

Content Sandboxing
- JARs: replacing nsDownloader by downloading to memory works, and has been (mostly) reviewed, and needs some more work but the approach seems to be okay.

Other Linux work
- Namespace/chroot: feature detection out for review, actual patches mostly presentable.
- gfx team plans to remove dependency on xrender, but not glx.

Content Sandboxing
- bug 1136407 - Tighter sandboxing rules broke mochitests on OS X 10.9 and 10.10
  - Does Release Engineering have plans to add 10.9 or 10.10 test machines?
- bug 1083344 - lots of feedback yesterday about breaking mochitests on 10.9 and 10.10, which resulted in enough info to write a few more rules which should fix the failures, new patch ready for review.
- it would help to have ppl testing with level=1 so i get more feedback after the patch is applied, then switch back level default to 1 (backout https://hg.mozilla.org/mozilla-central/rev/3ed19dfc6443)

GMP/EME Sandboxing
- Started work on bug 1110911 ("Move Mac sandboxing code into plugin-container"). Have removed all XUL dependencies from Mac sandbox code.

bug 1136040 - Update to chromium in bug 1102195, broke building with gcc-4.6. It was already broken by a couple of other bugs but they would be easy to fix. In contact with some Linux Firefox packagers and it may be that dropping 4.6 will not be too painful.
bug 1135051 - need to add licence for SuperFastHash for update in bug 1102195. I have an r+ just waiting to see what happens with bug 1136040.

Actions

blassey to find someone on Rel Eng or A-Team to update Treeherder machines from OS X 10.8 to 10.10.
jld to file bug inquiring about newer kernels on Linux test machines