Security/Sandbox/2014-09-25

From MozillaWiki
Jump to: navigation, search


« previous week | index | next week »

25 September 2014

Standup/status

  • Windows sandboxing
    • GMP/OpenH264/EME
      • Work ongoing in bug 1066326 to pre-load system DLLs specified by the EME plugin
    • Content
      • Bug 1067301 - add --content-sandbox option - landing
      • Bug 1067312 - create low integrity TEMP at start - landing
      • Bug 1068000 - add chrome.* pipe rule to policy - landing
  • Linux
    • socketpair bug: waiting on upstream; will shortly stop waiting
    • Telemetry incident:
      • Beta is unrepresentative
      • …but we should improve the UX a litlte, like hiding from about:addons
    • User namespaces: we're up to ~2/3 of Desktop. Thanks, Ubuntu!
  • Testing
    • need test plugin in tree that makes same API calls as Adobe CDM
    • need (preliminary builds of) Adobe's CDM
  • EME
    • eflores has decrypt-only ClearKey CDM for shipping
    • cpearce has an example decrypt+decode CDM for sharing with partners
    • eflores will patch his in-tree ClearKey CDM to call the APIs that Adobe's CDM will
    • QA will want a malicious CDM to test the sandbox.
    • Do we need test machines with monitors?
    • QA may need to run manual tests with monitors if we can't automate it
    • need downloadable Plugin Host (without XUL) but not for Windows release
    • sandbox voucher for statically-linked XUL in plugin container?
    • what parts of libxul does the plugin host need?
    • Output Protection?
    • preloading relevant Windows DLLs in sandbox seems to work

Round table

  • Q4 goals: EME and content sandboxing: Windows, Mac, and Linux

Actions

  • Tim to schedule a meeting with gcp and jesup about WebRTC and content sandbox
  • eflores will patch his in-tree ClearKey CDM to call the APIs that Adobe's CDM will
  • cpearce will ask Adobe:
    • for preliminary CDM builds
    • how they feel about plugin host dynamically loading libraries (like libxul) for sandbox vouching