FoxInABox
Jump to navigation
Jump to search
Documentation
Status
We have a plan. Take the e10s code, slap the Chromium sandbox around the content process, and get AdBlockPlus working with it.
FoxInABox/ThingsThatShouldWork
Tracking: bug 925570.
Platform specific:
FxOS / B2G
- [DONE] Land Library bug 742434
- [DONE] Tie in to process model bug 790923
- [ON TRACK] List and prioritize permissions to shut off
- [ON TRACK] Burn down permission list
Permission Burndown List:
| TBD |
Linux Firefox
- [DONE] Land Library bug 742434
- [ON TRACK] Tie in to process model
- [ON TRACK] List and prioritize permissions to shut off
- [ON TRACK] Burn down permission list
Permission List:
| TBD |
Windows Firefox
- [ON TRACK] Land Library bug 922756
- [NEW] Tie in to process model
- [NEW] List and prioritize permissions to shut off
- [NEW] Burn down permission list
Permission List:
| TBD |
MacOS X Firefox
- [NEW] Land Library
- [NEW] Tie in to process model
- [NEW] List and prioritize permissions to shut off
- [NEW] Burn down permission list
Permission List:
| TBD |
- bug 790923 - seccomp sandboxing (B2G Linux)
- bug 387248 - Mac OS X (Apple's Sandbox guide)
- bug 730956 - Low rights Firefox (whole app sandbox)
Puzzle Pieces
- GPU remoting (TBD)
- Accessibility support
- Addon support path
- Process Model (evolving? 2? Per-Tab?)
- Incremental tightening plan
- Child process resource limits
- DevTools support
Resources
Sandboxing
Related projects
- Electrolysis
- Embedding/IPCLiteAPI, https://github.com/tmeshkova/mozilla-central
- Native Client on Wikipedia - has links to papers on Native Client's design and use of SFI, as well as papers on SFI itself
- AMO/Squeaky, or Make Addons Awesome
How things work
Who we are
Some folks from the SecurityEngineering team: briansmith, mmc, keeler, grobinson, ckerschb, sid, and bbondy.
- Mailing list: boxing@lists.mozilla.org
- IRC: irc.mozilla.org #boxing