Security/Sandbox/2017-01-19

From MozillaWiki
Jump to: navigation, search

« previous week | index | next week »

haik

  • bug 1329294 - Windows content temp dir not in LocalLow when run on treeherder
    • Problem is just occurring on win64 tests, the LocalLow\Mozilla directory is present when problem occurs, still debugging
  • Researching web extensions (AI from Hawaii meeting)
  • bug 1332190 - [Mac] Remove file system read access from content sandbox when separate file process in use

bobowen

  • bug 1321724 - [e10s] Local HTML cannot be opened in Firefox 50
    • Reporter has tested the fix, waiting for feedback on fix.
  • bug 1317293 - Add remote type match check to nsFrameLoader::SwapWithOtherRemoteLoader
    • This check appears to work now, so should be able to land soon.
  • bug 1317921 - Handle nested file URIs with the file content process
    • I think we just need to use the innermost URI for this check.
  • bug 1327942 - Browser can't load the page (urlbar and title twitch between 2 values) if it tries to access renamed local file
    • Down to us not allowing the error page in the file content process.
    • Patch ready, need to write a test.
  • bug 1328829 - Can not open a local HTML file in a view-source tab
    • We were keeping the related browser when switching remote type, which means the switch doesn't work.
    • Patch ready, need to write a test.
  • bug 1152353 - FX 37.0.1 Printer Properties Freeze
    • potential fix for this didn't work, need to look into what Windows messages are getting lost.
  • bug 1242463 - Create some basic printing tests.
    • Some progress on this, need to add more C++ helpers than I thought as JS can't deal with DataSourceSurface.


gcp

  • bug 1330326 Make sandboxing policy more configurable via preferences
  • bug 1329216 crash on "print" in print dialog
  • X protocol proxy - I have a name but feel free to suggest something witty/clever

tedd

  • bug 1329216 - crash on 'print' dialog
    • identified the issue, working on patch

jld

  • bug 1286865 - seccomp reporting
    • Have core, XPCOM glue, and about:support UI
    • Could use some comments / cleanup, but basically f?-ready at least. (Unit tests would be nice….)
    • Open questions: how to set up Telemetry, whether I can get info into crash reports
    • Feature suggestion from jimm: add timestamps.
  • Need to do reviews for bug 1330326 (sandbox whitelist prefs) and bug 1331297 (IPC libevent upgrade)

handyman

  • bug 1284897 - 64 bit Flash Player has storage permissions issues
    • wip
  • bug 1329328 - 64-bit Firefox on Win10 - Flash Downloads result in OS Permission errors
    • related to 1284897. We asked Adobe to be explicit about how they name tmp files so we can white-list

their creation/read/write/deletion on Windows.

  • bug 1312788 - Add console warning and telemetry if service workers are used in the file content process
    • landed
  • bug 1306239 - Add pref to toggle OS X sandbox violation debugging, default on
    • landed

round table