Security/Sandbox/2014-12-11
Standup/Status
Windows
- Content Sandboxing
  - bug 1103946 - Changed mach / mochitest option for the new, more strict policy pref
  - Started looking at virtual cameras for testing capture
  - Spoke to jmaher at the airport about mochitests; it looks like we could use the subsuite functionality that already exists to run some tests in a separate job with the weaker policy
- GMP/EME Sandboxing
  - Tested the latest version of the CDM and it seemed to work with the sandbox on Windows 7; no need for access to KsecDD
  - CDM gtests don't use WMF; edwin has a patch to use WMF for testing next week.
    - Use WMF on Windows mochitests
    - Use ClearKey (decrypting, non-decoding) CDM on non-Windows mochitests
  - Adobe delivered another CDM build last week. Uses OP.
  - The chromium sandbox's DLL unloading list is specified in the chrome process, so the CDM sandbox can't dynamically unload all non-whitelisted DLLs.
- Other Windows work
  - bug 1102211, bug 1102213, bug 1102215 - Patches for review to move chromium code into one directory structure
Linux/B2G
- Content Sandboxing
  - Experiments with brokering open() et al. for FxOS 2.2
    - Current blocker: breaks on Flame because graphics drivers don't like being passed between processes; will try de-lazifying EGL initialization.
- GMP/EME Sandboxing
  - No change.
- Other Linux work
  - Header cleanup and seccomp program building cleanup (JoinInstructions) landed
    - These were two of the blockers for updating security/sandbox/chromium
Mac
- Content Sandboxing
  - adding camera and mic related rules
  - found that there are defined variables which I can use in the sandbox rules scripts, notably the "container" and "home" paths; this should make the rules more elegant than writing those at runtime as we currently do
  - 3–4 weeks to wrap up
  - concerns about the need to access files in write mode from the content process, even though they are in "temp" directories: if I block those write accesses, the content process crashes
  - e10s should have more resources accessed by the main process, so the content process can be more tightly restricted
- GMP/EME Sandboxing
  - bug 1083284: Landed additional sandbox rules to accommodate Adobe's code fragment. Still need to incorporate a version of the code fragment into automated tests.