Security/Sandbox/2017-06-01

From MozillaWiki

jld

  • DConf bug 1321134:
    • The shared-memory files are to signal readers to invalidate caches
    • If they can't be created, DConf *does* work, but rereads/reparses on every pref read
      • And prints a scary error message saying it won't work.
    • Uses DBus only for write, so that won't be a problem like I'd thought
    • Filed followup bug 1369118 for the possibility of remoting this
      • It's hard to make a case for, but at least it's on file.
  • ESET
    • libesets_pac.so is also present in a consumer product, NOD32
      • Which is inexpensive, has free trial licenses, & can be bought normally
      • But also, it's not so unreasonable to use it with Firefox (vs. an enterprise server product)
    • Tested with Beta 54: browser works fine
      • Detects (and deletes!) the EICAR test file, but that's in the parent b/c brokering
      • Haven't tested GMP yet
      • Don't know what causes the msgsnd() call yet
        • This version of the .so does contain a msgsnd() call.
  • The LD_AUDIT bug

haik

  • bug 1334550 - Proxy moz-extension protocol requests to the parent process
    • Addressed Kris's feedback, pushing to address some things in follow-up
    • Got r+ from mayhemer (Necko), still need r+ from Kris
    • Working on what would be a follow up patch to use JAR cache
  • bug 1350642 - Remove the PBrowser::Msg_GetTabCount sync IPC
    • Have a working fix, but it's not optimal
    • Got some feedback about how to improve

gcp

Alex_Gaynor

  • bug 1358223 - Hardcode the lowest allowable content sandbox level
    • Landed!
  • bug 1365257 - Consolidate MOZ_DISABLE_CONTENT_SANDBOX logic into GetEffectiveContentSandboxLevel
    • Mostly done, very small behavioral changes in Linux that might really be bug fixes
  • bug 1363760 - Install special powers as a non-temporary addon in tests
    • checkin-needed!
  • bug 1367560 - Test failing at level 3 because of Directory instantiation

bobowen

  • bug 1358964 - Temp folder is not deleted on exit
    • Landed and uplifted.
  • bug 1323188 - Running Firefox from some network drives fails with an initial restricted access token.
    • I've got a fix for this that works with firefox.exe, but not plugin-container.exe yet.

handyman

  • bug 1367806 - Crash in PostToPluginThread
    • Residue from Flash mouse lock sandbox fix. Fixed.
  • bug 1368033 - Intermittent orange in TestDllInterceptor
    • Same.
  • bug 1334803 - XFinity login fails due to Flash sandbox
    • Determining if we can reasonably fix thru weakening sandbox by adding restricting SIDs