29 May 2014
- Windows sandboxing
- Posted to dev-platform about building sandboxing code. No issues raised so far.
- Updated patch for bug 985252 awaiting review
- Build test failures (intermittent orange turned permaorange) no longer occur with newest patch
- Newest patch implements env variable for disabling sandboxing of GMP processes
- To do
- Investigate/fix bug 1014002 which blocks bug 985252
- After landing bug 985252, file and implement follow-up bugs for ratcheting down security of the GMP process sandbox (might use bug 1011491 as tracking bug for GMP and content process sandbox policies)
- Bobowen is still working on getting violation logging set up for TBPL (and then during local runs without needing procmon)
- Mac sandboxing
- Maybe smichaud?
- Linux sandboxing
- Still looking for someone to own this. Maybe jld?
- Maire will ask cpearce what the EME extension needs (permissions-wise) for the Linux sandbox
- Julian Hector (:tedd), Firefox OS Security intern (hi!)
- Status with open() on B2G (again)
- Kang reaching out to Google folks to learn how they do OPEN locking-down
- arroway on PTO, no update (need to figure out where to go with this)
- Coming soon: seccomp on N4/N5
- (Flame seccomp depends on Flame kernel/boot.img build, which is still waiting on a bunch of reviews & questions of how to keep our Gonk from diverging from T2M's.)
- …although the boot.img is redistributable. (Bug: 1004195)
- We put GL proxying/remoting aside for a while because it is a huge task. But we still want it.
- Filed bug 1017393: Identify system call rejected by seccomp sandbox more clearly in crash report.