Security/Sandbox/2016-09-08

From MozillaWiki
Jump to: navigation, search

« previous week | index | next week »


bobowen

  • bug 1287426 - Update security/sandbox/chromium/ to Chromium stable channel version 49.0.2623.112
    • landed.
  • bug 1259601 - Add sandbox status to about:support (added security.sandbox.content.level for all OS)
    • uplifted to Aurora
  • bug 1259087 - Add Windows sandboxing information to Telemetry (added security.sandbox.content.level to environment for all OS)
    • landed and uplifted.
  • bug 1301034 - Log when non-static file policy AddRule calls fail in Windows SandboxBroker
    • this is for GMP problem diagnoses mainly, I'll pick up this week.
  • Started looking at a separate process for file:// URLs, have rough understanding of the js/c++ code associated with this now, nothing working yet. Need to find an appropriate bug to take.

tedd

  • Currently at the WW in Berlin (somewhat limited in my time)
  • bug 977786 - reviewed nsProfileLock test
  • bug 1289718 - Construct policy - looking at patches from :gcp for review (not quite done yet)
  • bug 1104619 - Remote audio - making some progress

haik

  • bug 1228022 - Trigger print jobs from the parent instead of the child for OSX - working on code review feedback
  • bug 1290619 - Content sandbox rules should use actual profile directory, not Profiles/*/ regex's - re-review done, should be ready to land today
  • bug 1299329 - Remove printing-related privileges from content process sandbox - testing with things that sound print-related removed

jld

gcp

  • Finished up filesystem broker (bug 1289718)
  • Reviewing XRemote patches
  • Updated desktop

handyman

  • bug 1251202 - Implement Default Audio Device Notifications for NPAPI plugins on Windows
    • At the testing phase
    • Might have made a few funky architectural decisions to clean up
  • bug 1241250 - Prezi frozen at loading on fresh profile with latest Nightly 64 bits
    • Just in : Looks to be fixed downstream by Prezi...
  • bug 1299611 - Adding policy rules to the Windows sandbox can cause a buffer overrun
    • Passed to Chromium to be patched upstream

group update from the security team (Summary)

Auditing/Investigation

Security Model

  • Closer to complete security model
  • Still some specific areas outstanding (TLS, addons esp. addon SDK notably)
  • publish to wiki and integrate with existing content

Maintaining a secure sandbox

  • point of a approval for landing?
  • sandbox changes
  • architectural changes which impact sandbox (e.g. changes to remoted APIs which move security boundaries)

Next Steps

  • continue auditing the code to determine if gecko parts conform to security model
    • First pass of IPDL audit, complete message manager audit
  • engage additional resources to get chromium fuzzer work started
  • fuzzing is working on fuzzer for message manager (aim to complete this month)
  • get the security model up onto the wiki

Roundtable

  • bug 1186187 - SandboxMirror kernel extension to help reverse engineer Apple's sandbox implementation