Security/Sandbox/2016-05-19
From MozillaWiki
« previous week | index | next week »
bobowen
- bug 1035125 - On Windows, plugin-container.exe is linked against the sandbox_s library twice - landed
- bug 1189846 - Print Edit 15.10 - landed
- bug 1270447 - Printing via parent fails when using pref print.always_print_silent=true - should have patches ready soon
- bug 1271348 - Matrix print full width - uplifted to Beta
- bug 1271900 - Firefox prints with wrong size when either size is less than inch - uplifted to Beta
tedd
- bug 1259508 - sys_clone violation - review granted, tests passed, merged to inbound
- bug 1270147 - remote nsIOService::SpeculateConnect - landed
- testing regarding file system access
- mkdir seems to be only used by pulse audio when creating a 'pulse' directory in home (no longer an issue when sys_clone landed)
- inotify_add_watch seems to be used by glib for '/usr/share/applications' directory
- symlink used by pulseaudio for symlinks in /tmp (/tmp/pulse-Oc0NEJg1XY43 -> '/home/user/.config/pulse/7e0500105687f83e69bc36c15609361a-runtime.tmp')
- talked to :jld about file broker on linux desktop (he didn't have the same problems we have)
haik
- {{bug|1272764} - Remove OS X 10.6-10.8-Specific Sandboxing Code
- {{bug|1272772} - Inline system.sb and remove unneeded rules
- Wiki page on sandboxing and file system access: https://wiki.mozilla.org/Security/Sandbox/Deny_Filesystem_Access
aklotz
- bug 1270018 - NS_APP_CONTENT_PROCESS_TEMP_DIR should only return the sandbox writeable temp - bsmedberg doesn't really like this. I'm going to respond to his comments and see what he says.
gcp
- bug 1098428 Add Linux sandboxing information to Telemetry
- bug 1273852 Seccomp sandbox violation: sys_getsockopt called in content process of Firefox desktop
- bug 1273859 Seccomp sandbox violation: sys_pwrite64 called in content process of Firefox desktop