Security/Sandbox/2017-04-20

« previous week | index | next week »

bobowen

• bug 1351358 - Can't submit form to http(s) URL using POST method from a file:// page
  • I have this pretty much working like chrome, couple of edge cases to work out and tests to write.

haik

• bug 1334550 - Proxy moz-extension protocol requests to the parent process
  • Changed code to use new SimpleChannel
  • 1 Memory leak to deal with
• bug 1332190 - [Mac] Remove file system read access from content sandbox when separate file process in use

Alex_Gaynor

• bug 1294641 - Running nightly from your home directory now works!
• bug 1357758 - Replacing blacklist with whitelisting for the mac sandbox policy - mostly trying to assess how many blockers there are
• bug 1357846 - Fixing a test when run under sandbox level 3
• Starting to explore how to establish how much work it'd be to enable win32k lockdown

jld

• Looking into networking/sockets stuff
• Our friends in media have remoted getifaddrs bug 1345511 and fixed the thing I had to work around on B2G bug 969715
  • Blocking bind/listen/accept could land approximately now, judging by Try
  • The patch for 1345511 is… not simple; I'm glad I didn't try to do that myself.
• xpcshell tests haven't been sandboxed for a while
  • And one of them (dom/base/test/unit_ipc/test_bug553888_wrap.js) is the infamous httpd.js test
  • The prefs are in firefox.js, so xpcshell doesn't load them, so the “sandbox level” prefs are 0, but these are otherwise normal content processes
  • I'll file a bug
• DBus
  • Exits the process if you shutdown read on its socket, but only on some systems.
  • Used directly in a few places (PowerManager, a11y, WiFi Scanner)
    • Might all be parent-only or easily e10s-able; not sure yet
  • I'll file some bugs

handyman

• bug 1347710 - GPU Sandbox - need to check webrender
  • uplifting to beta

roundtable

• Linux Sandbox feature telemetry probes are expiring; should they?
  • Action item: jld to ask gcp
• LastPass and extension content scripts
  • https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Native_messaging
  • Look into native messaging handling and the sandbox
    • who launches the binary?
    • security around the message handling if this process runs at user level -> jimm to chat with Paul about this (done)
• securing level settings beyond level 1 rollout
  • file bug on locking base level at 1 (win/osx, linux can wait) -> jimm (Bug 1358223)
• do we need MOZ_ALLOW_WEAKER_SANDBOX? (Bug 1358227)
  • file bug on removing this -> jimm
• Browser Security Comparison paper: http://files.accuvant.com/web/files/AccuvantBrowserSecCompar_FINAL.pdf
  • From 2011, maybe a starting point
• Out of process WebExtensions
  • bug 1190679 - Run WebExtensions out of process
  • bug 1357486 - Turn on OOP extensions by default on Windows and OS-X
  • And other dependencies