FoxInABox: Difference between revisions

Latest revision as of 22:15, 12 December 2013

Redirect to:

Security/Sandbox

@@ Line 1: / Line 1: @@
-[[File:Foxinabox.png|thumb||alt=The fox cannot escape the box.|The fox is safe in the sandbox. The fox cannot escape.]]
+#REDIRECT [[Security/Sandbox]]
-= Documentation =
-* [https://docs.google.com/document/d/1opnXiB9qSEtqQKABx3A3gQmuzbUjCkxcVqYaRUYF-8I/edit?usp=sharing One page overview]
-* [https://docs.google.com/document/d/1q8ZK1eDHOHXB7-chKKdK1cyUl56hTmN7XDUe6pE10hI/edit?usp=sharing FAQ]
-* [https://docs.google.com/a/mozilla.com/document/d/1qS4Q1goehqy-55hIQEsEA_XY3lF4xfFColNKQm37KSg/edit?usp=sharing Standing meeting notes]
-* [https://docs.google.com/a/mozilla.com/document/d/14E5ERudaZrx-qcOLttXGkV6DgHIyp3h9IZoqnhuO7X8/edit Process Model]
-* [https://docs.google.com/a/mozilla.com/document/d/1xkRd6xs_QQtBWdo0IIwjdDOnhTvQTDsyt-t_qR7Sw64/edit Addon Strategy]
-= Status =
-We have a plan. Take the e10s code, slap the Chromium sandbox around the content process, and get AdBlockPlus working with it.
-[[FoxInABox/ThingsThatShouldWork]]
-Tracking: {{bug|925570}}.
-Platform specific:
-<table><tr><td>
-=== FxOS / B2G ===
-* {{done|Land Library}} {{bug|742434}}
-* {{done|Tie in to process model}} {{bug|790923}}
-* {{ok|List and prioritize permissions to shut off}}
-* {{ok|Burn down permission list}}
-Permission Burndown List (see {{bug|918680}} for details):
-<bugzilla>
-{
-  "status": ["NEW", "UNCONFIRMED", "RESOLVED", "REOPENED"],
-  "blocks": "918680",
-  "include_fields": "last_change_time, id, summary, status, assigned_to"
-}
-</bugzilla>
-</td><td>
-=== Linux Firefox ===
-* {{done|Land Library}} {{bug|742434}}
-* {{ok|Tie in to process model}}
-* {{ok|List and prioritize permissions to shut off}}
-* {{ok|Burn down permission list}}
-Permission List:
-{|
-|TBD
-|}
-</td></tr>
-<tr><td>
-=== Windows Firefox ===
-* {{ok|Land [http://www.chromium.org/developers/design-documents/sandbox Library]}} {{bug|922756}}
-* {{new|Tie in to process model}}
-* {{new|List and prioritize permissions to shut off}}
-* {{new|Burn down permission list}}
-Permission List:
-{|
-|TBD
-|}
-</td><td>
-=== MacOS X Firefox ===
-* {{new|Land Library}} -- {{bug|387248}}
-* {{new|Tie in to process model}}
-* {{new|List and prioritize permissions to shut off}}
-* {{new|Burn down permission list}}
-Permission List:
-{|
-|TBD
-|}
-</td></tr>
-</table>
-=== Additional Pieces ===
-These are some things that we need to attack next (after a basic sandbox).
-* GPU remoting (TBD)
-* Accessibility support
-* Addon support path
-* Process Model (evolving? 2? Per-Tab?)
-* Incremental tightening plan
-* Child process resource limits
-* DevTools support
-= Resources =
-== Sandboxing ==
-* [[Features/Security/Low_rights_Firefox]] -- {{bug|730956}}
-* [https://intranet.mozilla.org/User:Imelven@mozilla.com/Sandboxing Ian's sandboxing page]
-* [https://github.com/mozilla/servo/wiki Servo]
-* [http://www.chromium.org/developers/design-documents/sandbox Chromium Sandbox]
-* [[B2G/Architecture/System_Security/Seccomp|seccomp sandboxing on b2g]]
-* [http://reverse.put.as/wp-content/uploads/2011/09/Apple-Sandbox-Guide-v1.0.pdf Apple's Sandbox guide]
-== Related projects ==
-* [[Electrolysis]]
-* [[Embedding/IPCLiteAPI]], [https://github.com/tmeshkova/mozilla-central https://github.com/tmeshkova/mozilla-central]
-* [http://en.wikipedia.org/wiki/Google_Native_Client Native Client on Wikipedia] - has links to papers on Native Client's design and use of SFI, as well as papers on SFI itself
-* [[AMO/Squeaky]], or Make Addons Awesome
-== How things work ==
-* [https://developer.mozilla.org/en-US/docs/IPDL/Tutorial IPDL Tutorial]
-* [https://developer.mozilla.org/en-US/docs/DocShell DocShell]
-= Who we are =
-Some folks from the [[SecurityEngineering]] team: briansmith, mmc, keeler, grobinson, ckerschb, sid, and bbondy.
-* Mailing list: boxing@lists.mozilla.org
-* IRC: irc.mozilla.org #boxing

FoxInABox: Difference between revisions

Latest revision as of 22:15, 12 December 2013

Navigation menu

Search