7 August 2014
- Windows sandboxing
- Talked with cpearce. He'd like me to make the patch in bug Bug 1027902 work with his EME changes, so I've started doing that (updated patch available). Fixed the `CreateEvent` issue but now we're getting "access denied" when trying to load the plugin DLL, even though we add a policy exception for that file path.
- Bug 1018966 - Warn only sandbox - patches uploaded, waiting for reviews from bsmedberg.
- Jed at defcon
- Very close to having a landable patch. Andre's sandbox ruleset is much better, so we've decided to use that. Hopefully will be able to start the review process later today, and land on trunk today or tomorrow. The rules are tight, and EME plugins are likely to break against them. But we currently have no EME plugins to test with, so we'll wait for the various vendors to exercise due diligence and contact us with problems.
- Do we know what security requirements we have for the GMP sandbox? What types of patches will we need to uplift? Which ones can wait and ride the trains? What about EME?