Security/Sandbox/2018-03-15

From MozillaWiki
Jump to: navigation, search

« previous week | index | next week »

tjr

  • [Spectre] Timer Stuff
  • Wrote a Binary Transparency Roadmap doc
  • Wrote a Mobile Proxy Bypass Test Harness doc
  • Updating the Security Wishlist Doc
  • Landed a MinGW Lint Job and 'final' specifiers in netwerk/

Alex_Gaynor

  • bug 1348361 - make spawning content processes async
    • Almost ready to land, just one or two more review comments left
    • bug 1445249 - make it an error to call IToplevelProtocol::OtherPid() on an unconnected protocol
    • bug 1445958 - fixed a method name in a comment
  • bug 1444175 - mark CamerasParent final
  • Starting to dive into IPC fuzzing

gcp

  • bug 1416016 WebGL creation failed on some websites on Linux
    • Fixed and nomed for beta, should resolve Debian + ESR
  • bug 1445664 firefox.js comments are outdated
  • X protocol interception, minor issues with protocol loggers

jld

  • The regressions we know about are all fixed for 60. I think.
  • Audio fixes (see last week) landed but won't be uplifted; needinfo'd to write SUMO article.
    • There was brokenness in 58 already, but 59 is more broken: doesn't require module-udev-detect.
  • Graphics:
    • connect() brokering landed; filed bug 1445824 for some automated tests
      • Landed *before* the branch, so doesn't need uplift.
    • bug 1445003 - RenderDoc is listening for Internet-domain connections; fixed
      • Not uplifting, because RenderDoc vs. content processes isn't useful, and it's not a sad-tab on not-Nightly
  • Next: assorted needinfos and bugs I need to file.
  • Next after that: shared memory
  • Also I seem to have accidentally volunteered to triage IPC fuzzer bugs
    • Examples: 1445467, 1445472, 1445440, 1445443, 1445438
    • Was planning to talk about this more in the runtime meeting

bobowen

  • bug 1445614 - SetAlternateDesktop failure should not crash the browser.
    • Landed and beta approval given, hopefully make it into 60b4.
  • bug 1444699 - Crash in sandbox::`anonymous namespace'::WarmupWindowsLocales
    • Spike in just one recent Nightly build, had been seen a few weeks ago.
    • Looks like might be down to third party DLLs.
    • Filed chromium bug as the function doesn't need to be dynamically loaded and called any more.
  • bug 1445167 - Make chromium sandbox CHECK and LOG_FATAL messages crash the process.
    • Just waiting on one review, will request uplift once landed.
  • Chromium waiting cursor bug reviewed.

haik

  • bug 1437281 - OSX dragging image to desktop changes OSX File associations
    • Codereview
  • bug 1433577 - [Mac] Enable sandboxing for the Flash NPAPI plugin process
    • Codereview
  • bug 1432567 - [Mac] Add a test that renders fonts from non-standard directories
    • VPN issues

handyman

  • bug 1366256 - NPAPI sandbox level 3
    • Refactored FunctionBroker to opt-into certain type handling
  • bug 1445471 - Crash in EndpointHandler::Copy
    • fixed
  • bug 1427011 - Crash in CAudioSessionControl::QueueStreamSwitch
    • handed off