Security/Sandbox/2016-07-21

« previous week | index | next week »

bobowen

• bug 1287984 - Content process cannot open GPU process DIBs - patch up for review
• bug 1285942 - RecordedEvent::PlayEvent should return a bool, so that Translators can handle certain errors more gracefully. - landed
• bug 1288021 - GMPs on a Network path not mapped to drive letter fail to load. - hopefully landed by now
• bug 1180684 - Keyboard interaction for some games doesn't work with the low integrity NPAPI plug-in sandbox enabled - this was sb+ed, should we rethink or at least make sure cpeterson is aware
• bug 1273765 - GetTextMetrics failure in _cairo_win32_scaled_font_set_metrics, when printing specific PDF - need to look a bit more into this, removed sandbox tracking now that bug 1285942 has landed.
• bug 1287426 - Update security/sandbox/chromium/ to Chromium stable channel version 49.0.2623.112 - patches up for review
• bug 1246505 - Let the Windows low integrity content sandbox ride the trains. - hopefully landed by now
• bug 1252877 - Add support for taking plugin window captures at the start of a scroll - landed

jld

• bug 1286324 - Changed clone() that isn't pthread_create to EPERM instead of crash; which uncovered:
• bug 1287437 and bug 1287971 - Leak Sanitizer was (always?) silently broken under sandboxing and now is loudly broken
• Copypasted a lot of crash signatures onto their bugs. I *think* I got all the ones mass-assigned to bug 1280415 so it could be untagged...?

tedd

• land/review patches for nightly bugs tracked by bug 1280415

gcp

• land/review patches for seccomp on Nightly
• bug 1288410 Extend SandboxBroker to allow adding paths
• bug 1284240 Telemetry for seccomp-bpf support looks faulty

haik

• bug 1274540 - Record sandboxing status in crash reports - patch on reviewboard
• bug 1284291 - Add the 'com.apple.fonts' service to the sandbox profile. - Nightly/Sierra not stable for me right now
• bug 1228022 - Trigger print jobs from the parent instead of the child for OSX

aklotz

• bug 1287426 - Rubber-stamped (chromium update)
• bug 1285356 - Landed (DLL blocklist regression)

Roundtable

• Do we have a story for XPCOM APIs that demand actual files, like mozIJSSubScriptLoader?
  • Conclusion: not really, and there's confusion about add-on file access in general; jld will file a sub-metabug and needinfo billm.
• fyi, bugs filed for documentation (by :arroway): https://bugzilla.mozilla.org/showdependencytree.cgi?id=1287730&hide_resolved=1