Security/Sandbox/2015-04-09

From MozillaWiki
Jump to: navigation, search


« previous week | index | next week » Please use MediaWiki formatting because these etherpad notes will be republished on our public wiki: https://wiki.mozilla.org/Sandbox#Meeting_Notes

Standup/Status

Windows

  • Content Sandboxing
    • bug 1149483 - change level 1 for content to working low integrity sandbox - landed with post to dev-platform - now planning to turn this on w/c 20th Apr, assuming there are no unresolvable issues raised.
      • Will eventually remove level 0 pref, but can add environment variable to disable sandbox for testing.
    • bug 1142239 - Content sandboxing blocks Nvidia shader cache - fixed by bug 1149483
  • NPAPI Sandboxing
    • Enable NPAPI sandbox for Win64 Flash?
      • Adobe has no Flash Protected Mode on Win64.
      • Revisit NPAPI sandbox in 2+ weeks after enabling low-integrity sandbox for content processes.

Linux/B2G

  • GMP/EME Sandboxing
    • Patches for chroot and net/ipc namespace sandboxing finally being reviewed
  • Other Linux work
    • Filed some bugs for upcoming work on namespaces

Mac

  • GMP/EME Sandboxing
    • bug 1110911 (move Mac sandboxing into plugin-container) finally landed on trunk

Round Table

  • bug 1151001 - CPOWs vs. Sandboxing
  • file/chrome/resource URLs?