Security/Sandbox/2018-04-19

« previous week | index | next week »

tjr

• Getting MinGW x64 Running
  • Have given up on debug symbols. After solving the dwarf problem, objcopy segfaulted. After getting that fixed; binutils dev suspects 'something' is overflowing 'something' due to magnitude of symbols.
  • Am incrementally working on getting build running w/o debug symbols. 9 hour build cycle =)
  • Have found and fixed one MinGW bug that was causing crashes, so that's exciting! Onto next.
  • Suggestions for identifying GPU process crash with no good message? https://pastebin.mozilla.org/9083416
  • https://hg.mozilla.org/try/rev/1e60e80f21342e34e7f4480e275bf7013e7703ef
• Have begun work on clang CFI
  • Roadmap: Linux -> Windows -> Perf Work
  • Currently: Trying to get a ThinLTO clang build on Linux
  • Timeline: Ask me in a month :)
• Timer Intermittents

jld

• bug 1447867, bug 1439057, bug 1440203: /dev/shm etc.; almost ready to land
  • Now with Android support that somehow passed Try the first time (give or take a typo that broke the build)
  • open+unlink is such an elegant idea if you're not really thinking about what can go wrong…
• bug 1439057 - Un-flipped media.cubeb.sandbox in Snap builds
  • …after testing via about:config
• bug 1453735 - Possible fd leakage; might be CrossProcessSemaphore → graphics? Can't repro though.
  • Because I was looking at raising the fd limit, but we might not be anywhere near it normally?
• Looked at SIGBUS crash in bug 1454112 (and another one that's lost in my browser history)
• IPC cleanup bug filing, mostly shared memory
• https://en.wikipedia.org/wiki/Boltzmann%27s_entropy_formula

gcp

• bug 1129492 Firefox content process has a live connection to the X11 server.
  • Logs have a ton of different stuff at startup
  • Trying to see if we can delay X sandboxing until that is finished
  • Integrating proxy more cleanly into startup
• bug 259356 Support for the Freedesktop.org XDG Base Directory Specification

Alex_Gaynor

• bug 1454628 - small fix from accessibility IPC enum change last week
• IPC Fuzzing
  • bug 1455075 - null-deref that fuzzer hits very easily (introduced with IPDL refactor last week)
  • bug 1455328 - MOZ_RELEASE_ASSERT that the fuzzer hits very easily
  • Lost several days to fighting with clang-6.0 (ultimately gave up; will plow ahead without it)
• Played with starting a moz2d fuzzer

handyman

• bug 1366256 - NPAPI sandbox level 3
  • replacing npswftest didn't fix things (and caused new issues)
• Plugin sec bug
• bug 1450708 - Crash in FunctionBroker
  • wip
• bug 1419488 - Win7 Shutdown hang in CDeviceEnumerator::DestroyHWndNotificationThread (audio)
  • Definitely an OS bug (deadlock)

haik

• bug 1432567 - [Mac] Add a test that renders fonts from non-standard directories
  • OSX 10.10 issue, thought I needed to wait for content to reflow after snapshotting window, that didn't work, needs more debug
• Uplifts
  • bug 1437281 - OSX dragging image to desktop changes OSX File associations
  • bug 1448374 - Loading a .javascript file from a WebExtension's web_accessible_resources messing with macOS file associations
• bug 1450715 - Add pref dom.ipc.plugins.sandbox-level.flash to telemetry
  • codereview
• bug 1452278 - [Mac] Make nsOSHelperAppService::GetFromTypeAndExtension() not call OS MIME API's in content

bobowen

• Canvas remoting.
  • Nearly got a really horribly hacked version working.
• bug 1444699 - Crash in sandbox::`anonymous namespace'::WarmupWindowsLocales
  • Landed patch on chromium, will get it applied to m-c
• bug 1453929 - Enable handle verifier on 32-bit EARLY_BETA_OR_EARLIER
  • Landed

Round Table

• When we have something that looks like an attack from a child process should we just crash the child or the browser?
  • What would the benefit of crashing the entire browser be?
    • Crash reports? Already get those for crashed children? Specifically, paired minidumps with the parent's state.
  • https://wiki.mozilla.org/Security/Sandbox/IPCguide