- bug 1317293 - Add remote type match check to nsFrameLoader::SwapWithOtherRemoteLoader
- bug 1317921 - Handle nested file URIs with the file content process
- Patch nearly ready, just need to write a test as well.
- bug 1327942 - Browser can't load the page (urlbar and title twitch between 2 values) if it tries to access renamed local file
- bug 1328829 - Can not open a local HTML file in a view-source tab
- Patches up for review.
- Working on review for bug 1284897.
- bug 1329216 - crash on 'print' dialog
- submitted a patch, having trouble testing the patch due to CUPS
- patch builds and I can print to file, so that works
- bug 1325647 - automated bound checking for integers in IPDL
- got feedback from :billm, cleaned up patch, asked for review
- need to work on a strategy to get people to use it
- bug 1330326 Make sandboxing policy more configurable via preferences
- Slowly making actual progress on X11 proxy
- bug 1332522 - [Mac] remove ~/Library read restriction from file content process sandbox
- Patch ready for review
- bug 1333681 - [Mac] Level 2 profile directory read restrictions don't work for profiles in /var/folders
- Need to resolve devtools test failures due to how they store files in profile dir
- bug 1329822 - file:// documents can't use <a download=foo.txt> to set a download name/force a download
- Should have patch ready today
- Assorted sandbox/IPC reviews
- Filed / reviewed / gave slightly bad advice about bug 1332501
- (and other bugs)
- bug 1286865, syscall reporting: added timestamps, some cleanup
- No bug yet: pref for crashing on rejected syscalls; mostly written, not tested
- "security.sandbox.seccomp-bpf.crash-on-error" may need a different color of bikeshed paint
- bug 1284897 - 64 bit Flash Player has storage permissions issues
- patches in review
- bug 1317735 - Consolidate env vars for logging
- Pref: "security.sandbox.logging.enabled" -- currently defaults to 'on'
- Env var: "MOZ_SANDBOX_LOGGING"
- Linux (still) doesn't support the pref security.sandbox.logging.enabled
- uplift to aurora?
- Write new patch to turn off by default on Windows
- Triage linux sandboxing milestones
- bug 1026867 - Does it still need to be hidden? Also we should “fix” it for desktop at some point, because we (probably) can.