« previous week | index | next week »

Standup/Status

Windows

• Content Sandboxing
  • bug 1137166 - sandboxing levels using a pref - landed.

• GMP/EME Sandboxing
  • EME planning to ship in 38.

Linux/B2G

• Content Sandboxing
  • The patches to make remote jars not open files in the content process have finally landed.
  • Unwhitelisting unlink() is on its way.
  • Also, making readlink() fail instead of allowing it.
    • Fun fact: https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto also loads NSS in the content process, not just WebRTC.
  • v2.2 needs some uplifts for Lollipop

• Other Linux work
  • Testing for the presence of more advanced sandboxing features landed, and had an obvious-in-hindsight bug that ASAN caught (but not on automation, because their kernels are too old)
    • rel ops is going to look into upgrading automation to Ubuntu 14.04.

Mac

• Content Sandboxing
  • "breaking addons once" and "breaking nothing now" are mutually incompatible expectations. The 2nd expectation requires to allow "read all", which may still break some addons for other reasons, and as a later sandbox will turn that to "read-some", a 2nd wave of addons will break, contradicting 1st expectation. Keeping the default sandbox level to 0 seems to be the only sensible option for now.
  • agreed to have a "allow read mostly everywhere" rule, will only restrict access in "$HOME/Library" to addons inside the profiles dirs. Will raise the default level to 1. Should post the patch after the standup.
  • implement level 2, to be more strict. basically will be what level 1 is today.

• GMP/EME Sandboxing
  • Close to finishing bug 1110911 ("Move Mac sandboxing code into plugin-container").

Chromium

• Chromium update - gcc-4.6 not sure if Android and B2G are a problem.
  • Bob to follow up with mwu.

Round Table

• Added BUG_COMPONENT metadata for security/sandbox/