Security/Sandbox/2014-04-17


17 April 2014

B2G

  • filtering the open syscall is still complicated
    • The chromium sandbox doesn't filter open (probably for the same reasons that we are finding it complicated)
  • we are wondering what we can do to make IPDL faster (we may make heavy use of it in sandbox)
  • libgenlock uses the open syscall frequently, so turning off open becomes an issue there (this is perf critical)
  • may have to use binder to lock down open, but may be more error prone
    • If so… how is binder different from `SCM_RIGHTS`?

Windows (openh264)

  • Tim spent a lot of the week trying to get it to build
    • Looks like it will be pretty simple to get the sandbox applied to the process for openh264
    • expects a patch by the end of next week for this
  • Integrity levels: we've started to use "low" instead of untrusted
    • you can't create D3D device connections from untrusted processes
    • Chrome proxies GPU work through a separate GPU process that runs at a higher integrity level than the content process
    • IE just uses "low"

Extra:

  • jld got seccomp working on x86 kitkat emulator (will be on TBPL)