Security/Sandbox/2015-04-09
From MozillaWiki
« previous week | index | next week »
Please use MediaWiki formatting because these etherpad notes will be republished on our public wiki: https://wiki.mozilla.org/Sandbox#Meeting_Notes
Standup/Status
Windows
- Content Sandboxing
- bug 1149483 - change level 1 for content to working low integrity sandbox - landed with post to dev-platform - now planning to turn this on w/c 20th Apr, assuming there are no unresolvable issues raised.
- Will eventually remove level 0 pref, but can add environment variable to disable sandbox for testing.
- bug 1142239 - Content sandboxing blocks Nvidia shader cache - fixed by bug 1149483
- bug 1149483 - change level 1 for content to working low integrity sandbox - landed with post to dev-platform - now planning to turn this on w/c 20th Apr, assuming there are no unresolvable issues raised.
- NPAPI Sandboxing
- Enable NPAPI sandbox for Win64 Flash?
- Adobe has no Flash Protected Mode on Win64.
- Revisit NPAPI sandbox in 2+ weeks after enabling low-integrity sandbox for content processes.
- Enable NPAPI sandbox for Win64 Flash?
Linux/B2G
- GMP/EME Sandboxing
- Patches for chroot and net/ipc namespace sandboxing finally being reviewed
- Other Linux work
- Filed some bugs for upcoming work on namespaces
Mac
- GMP/EME Sandboxing
- bug 1110911 (move Mac sandboxing into plugin-container) finally landed on trunk
Round Table
- bug 1151001 - CPOWs vs. Sandboxing
- file/chrome/resource URLs?
