Security/Sandbox/2014-09-25
From MozillaWiki
« previous week | index | next week »
25 September 2014
Standup/status
- Windows sandboxing
- GMP/OpenH264/EME
- Work ongoing in bug 1066326 to pre-load system DLLs specified by the EME plugin
- Content
- Bug 1067301 - add --content-sandbox option - landing
- Bug 1067312 - create low integrity TEMP at start - landing
- Bug 1068000 - add chrome.* pipe rule to policy - landing
- GMP/OpenH264/EME
- Linux
- socketpair bug: waiting on upstream; will shortly stop waiting
- Telemetry incident:
- Beta is unrepresentative
- …but we should improve the UX a litlte, like hiding from about:addons
- User namespaces: we're up to ~2/3 of Desktop. Thanks, Ubuntu!
- Testing
- need test plugin in tree that makes same API calls as Adobe CDM
- need (preliminary builds of) Adobe's CDM
- EME
- eflores has decrypt-only ClearKey CDM for shipping
- cpearce has an example decrypt+decode CDM for sharing with partners
- eflores will patch his in-tree ClearKey CDM to call the APIs that Adobe's CDM will
- QA will want a malicious CDM to test the sandbox.
- Do we need test machines with monitors?
- QA may need to run manual tests with monitors if we can't automate it
- need downloadable Plugin Host (without XUL) but not for Windows release
- sandbox voucher for statically-linked XUL in plugin container?
- what parts of libxul does the plugin host need?
- Output Protection?
- preloading relevant Windows DLLs in sandbox seems to work
Round table
- Q4 goals: EME and content sandboxing: Windows, Mac, and Linux
Actions
- Tim to schedule a meeting with gcp and jesup about WebRTC and content sandbox
- eflores will patch his in-tree ClearKey CDM to call the APIs that Adobe's CDM will
- cpearce will ask Adobe:
- for preliminary CDM builds
- how they feel about plugin host dynamically loading libraries (like libxul) for sandbox vouching