- bug 1228022 - Trigger print jobs from the parent instead of the child for OSX - landed, made build 51
- bug 1299329 - Remove printing-related privileges from content process sandbox - on reviewboard
- bug 1284588 - OS X: Disable content process write access to user files in the home directory - on reviewboard
- Updated https://wiki.mozilla.org/Sandbox/Mac/Debugging with some info on launchctl
- bug 1147911 - Use a separate content process for file:// URLs
- Have this working with everything that I've tested, so far. Need to do some more testing around things like session restore and dev tools. Also probably need to look at updating and adding to some of the existing tests.
- bug 1303325 - Network Drive file:// URLs not accessible with USER_NON_ADMIN token after chromium update
- Found the culprit - slight change to one of the interception functions was preventing the impersonation return to normal after testing the Anonymous impersonation that happens in CoInitializeSecurity.
- bug 1289718 Construct a seccomp-bpf policy for file access on Linux Desktop
- bug 1303987 Some mochitests do file (write) access in the content process
- Also print preview
- Content crash logging
- stat64 shenanigans
- looking at a sync test failure (socketcall?)
- bug 1241250 - Prezi frozen at loading on fresh profile with latest Nightly 64 bits
- Reported fix was another false alarm. I think they are looking at it again.
- bug 1251202 - Implement Default Audio Device Notifications for NPAPI plugins on Windows.
- bug 1303755 - Flash code using GetKeyState crashes attempting IPC from non-main thread on Windows
- bug 1269114 - [x86_64] Last picked directory not saved when using Flash Player uploader
- bug 1289718 - Construct a seccomp-bpf policy - finished review
- bug 1104619 - Sandboxing support for audio - having some thread problems because of sync protocol (going to make this a little more complicated than expected)
- security assurance work
- XP/Vista discussion ongoing
- Should Flash runas bug 1228880 block 64-bit roll-out? No.