Security/Sandbox

34 bytes added, 00:34, 31 December 2019
Cleanup and add RDD process
== OSX ==
=== Content Levels for Web and File Content Processes ===
Mac content processes use sandbox level 3. File content processes (for file:/// origins) also use level 3, with additional rules that allow read access to the filesystem. Levels 1 and 2 can still be enabled in about:config, but they are not supported and using them is not recommended. Different sandbox levels were used for testing and debugging during the rollout of Mac sandboxing features, but they are now planned to be removed.

Mac sandboxing uses a whitelist policy for all process types. Each policy begins with a statement that denies all access to system resources and then specifies the allowed resources. The level 3 sandbox allows filesystem read-metadata access, full read access to specific system directories and some user directories, access to the microphone, access to various system services, the windowserver, named sysctls and IOKit properties, and other miscellaneous items. Work is ongoing to remove access to the microphone, windowserver, and other system services where possible. The sandbox blocks write access to all of the filesystem, read access to the profile directory (apart from the chrome and extensions subdirectories), read access to the home directory, inbound/outbound network I/O, exec, fork, printing, and video input devices such as cameras.

The older sandbox levels 1 and 2 are less restrictive. Level 2 mainly allows file-read access to all of the filesystem except the ~/Library directory, and level 1 allows all file-read access. Level 1 restrictions are a subset of level 2 restrictions, and level 2 restrictions are a subset of level 3 restrictions.

The web and file content policy is defined in [https://searchfox.org/mozilla-central/source/security/sandbox/mac/SandboxPolicyContent.h SandboxPolicyContent.h].

=== Gecko Media Plugin Processes ===
The Gecko Media Plugins (GMP) policy is defined in [https://searchfox.org/mozilla-central/source/security/sandbox/mac/SandboxPolicyGMP.h SandboxPolicyGMP.h]. The plugin [https://dxr.mozilla.org/mozilla-central/search?q=pluginSandboxRules&redirect=false&case=true filter rules] can also be found with a DXR search for pluginSandboxRules.

=== Remote Data Decoder Processes ===
The Remote Data Decoder (RDD) policy is defined in [https://searchfox.org/mozilla-central/source/security/sandbox/mac/SandboxPolicyUtility.h SandboxPolicyUtility.h].
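The deny-by-default, allow-only policy shape described in the content-process section above, as an added illustration written for this page rather than Firefox's own SandboxPolicyContent.h: a constructed Seatbelt (SBPL) profile fragment that starts by denying everything and then grants only the categories the text lists (read metadata everywhere, full reads in a few system directories and one user directory, named sysctls, named Mach services). The directory, sysctl and Mach service names are example values, and HOME_PATH is an assumed parameter name supplied by the process that loads the profile.

```scheme
;; Constructed example profile, not Firefox's SandboxPolicyContent.h.
(version 1)

;; Every operation is denied unless a later rule allows it.
(deny default)

;; Parameters are passed in by the process that applies the profile;
;; HOME_PATH is an assumed name for the user's home directory.
(define home-path (param "HOME_PATH"))

;; stat()/lstat() metadata may be read for any path ...
(allow file-read-metadata)

;; ... but file contents only under these system directories (example paths).
(allow file-read*
  (subpath "/System")
  (subpath "/usr/lib")
  (subpath "/usr/share")
  (subpath "/private/var/db/dyld"))

;; One user directory, not the whole home directory.
(allow file-read* (subpath (string-append home-path "/Library/Fonts")))

;; Named sysctls rather than unrestricted sysctl-read (example names).
(allow sysctl-read
  (sysctl-name "hw.ncpu")
  (sysctl-name "kern.osversion"))

;; Only the Mach services listed by name may be looked up (example names).
(allow mach-lookup
  (global-name "com.apple.system.opendirectoryd.libinfo")
  (global-name "com.apple.fonts"))

;; Deliberately absent: file-write*, network-inbound, network-outbound,
;; process-exec and process-fork. With no allow rule they fall through
;; to (deny default), which is what the page means by "blocks".
```

The point of the structure is that adding a capability always means adding an allow rule; the `(deny default)` line is never loosened. When a rule is missing, macOS records the denial in the unified log as a line of the form `Sandbox: <process>(<pid>) deny(1) <operation> <resource>`, which is the first place to look before deciding whether a new allow rule is justified.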
=== NPAPI Flash Process ===
Enabled starting with Firefox 62. The Mac Flash sandbox is enabled at level 1. Some features are affected by the sandbox and those are documented in [https://support.mozilla.org/en-US/kb/changes-affecting-adobe-flash-firefox-mac "Changes affecting Adobe Flash on Firefox for Mac" on support.mozilla.org]. The Flash policy is defined in [https://searchfox.org/mozilla-central/source/security/sandbox/mac/SandboxPolicyFlash.h SandboxPolicyFlash.h].

{| class="wikitable"
! Level (dom.ipc.plugins.sandbox-level.flash) !! What's Blocked by the Sandbox?
|-
| Level 1 ||
* write access to most of the filesystem
* exec, fork
|-
| Level 2 ||
* write access to most of the filesystem
* read access to most of the filesystem (with some read access allowed, triggered by Flash file dialog activity, however this does not work reliably)
* exec, fork
* printing
|-
| Level 3 ||
* write access to most of the filesystem
* read access to most of the filesystem (without any support for file dialogs)
* exec, fork
* printing
|}
== Linux ==