Security/Sandbox/2017-03-30

From MozillaWiki
Jump to: navigation, search

« previous week | index | next week »

haik

  • bug 1334550 - Proxy moz-extension protocol requests to the parent process
    • Debugging a Windows issue, cleaning up code

jld

  • is back and partly made of metal (and has not read the entire past 6 weeks of bugspam)
  • Did a trivial review or two
  • Tossed an idea into bug 1308400
  • There are a bunch of B2G bugs and they all look wontfix-able, more or less

gcp

  • bug 1308400 Construct a file broker policy for default-deny read access on the Linux Desktop
  • Need a realpath replacement with W^R
  • Still not telemetry in for rejected syscalls? Will file a bug.

bobowen

  • bug 1336703 - [e10s] Firefox does not render file URL from network drive and bug 1344453 - [BUG] [Windows] [e10s] Unable to open attachments from Windows Mail trusted store app in Firefox
    • Fixed by adding an allow read rule to all paths.
    • Nominated for uplift.
  • bug 1344465 - Can't submit form using post method form WebExtensions or file:// page
    • Broken this out into bug 1351358 for the file:// case.
    • I'm going to flip the allowLinkedWebInFileUriProcess to fix initially.
  • bug 1337331 - Update security/sandbox/chromium/ to Chromium stable channel version 56.0.2924.87
    • Re-landed after a backout due to local build problems.

roundtable

  • How many file brokers (or equivalent) will we have and can we share code?
  • Target for next major feature release (file:// process) is now 56