Security/Sandbox/2018-03-15
From MozillaWiki
« previous week | index | next week »
Contents
tjr
- [Spectre] Timer Stuff
- bug 1443943 System Principal Exemptions landed
- bug 1440195 Context Seed done, to-land
- bug 1441157 AES-CTR in progress, measured performance - got weeeeird results.
- Wrote a Binary Transparency Roadmap doc
- Wrote a Mobile Proxy Bypass Test Harness doc
- Updating the Security Wishlist Doc
- Landed a MinGW Lint Job and 'final' specifiers in netwerk/
Alex_Gaynor
- bug 1348361 - make spawning content processes async
- Almost ready to land, just one or two more review comments left
- bug 1445249 - make it an error to call IToplevelProtocol::OtherPid() on an unconnected protocol
- bug 1445958 - fixed a method name in a comment
- bug 1444175 - mark CamerasParent final
- Starting to dive into IPC fuzzing
gcp
- bug 1416016 WebGL creation failed on some websites on Linux
- Fixed and nomed for beta, should resolve Debian + ESR
- bug 1445664 firefox.js comments are outdated
- X protocol interception, minor issues with protocol loggers
jld
- The regressions we know about are all fixed for 60. I think.
- Audio fixes (see last week) landed but won't be uplifted; needinfo'd to write SUMO article.
- There was brokenness in 58 already, but 59 is more broken: doesn't require module-udev-detect.
- Graphics:
- connect() brokering landed; filed bug 1445824 for some automated tests
- Landed *before* the branch, so doesn't need uplift.
- bug 1445003 - RenderDoc is listening for Internet-domain connections; fixed
- Not uplifting, because RenderDoc vs. content processes isn't useful, and it's not a sad-tab on not-Nightly
- connect() brokering landed; filed bug 1445824 for some automated tests
- Next: assorted needinfos and bugs I need to file.
- Next after that: shared memory
- Also I seem to have accidentally volunteered to triage IPC fuzzer bugs
- Examples: 1445467, 1445472, 1445440, 1445443, 1445438
- Was planning to talk about this more in the runtime meeting
bobowen
- bug 1445614 - SetAlternateDesktop failure should not crash the browser.
- Landed and beta approval given, hopefully make it into 60b4.
- bug 1444699 - Crash in sandbox::`anonymous namespace'::WarmupWindowsLocales
- Spike in just one recent Nightly build, had been seen a few weeks ago.
- Looks like might be down to third party DLLs.
- Filed chromium bug as the function doesn't need to be dynamically loaded and called any more.
- bug 1445167 - Make chromium sandbox CHECK and LOG_FATAL messages crash the process.
- Just waiting on one review, will request uplift once landed.
- Chromium waiting cursor bug reviewed.
haik
- bug 1437281 - OSX dragging image to desktop changes OSX File associations
- Codereview
- bug 1433577 - [Mac] Enable sandboxing for the Flash NPAPI plugin process
- Codereview
- bug 1432567 - [Mac] Add a test that renders fonts from non-standard directories
- VPN issues
handyman
- bug 1366256 - NPAPI sandbox level 3
- Refactored FunctionBroker to opt-into certain type handling
- bug 1445471 - Crash in EndpointHandler::Copy
- fixed
- bug 1427011 - Crash in CAudioSessionControl::QueueStreamSwitch
- handed off