Security/Sandbox/2015-05-14
From MozillaWiki
« previous week | index | next week »
Windows
- Content Sandboxing
- bug 1162327 - MozTemp not deleted - I have a more robust version of this now. Runing on try at the moment. I've added some temporary code that cleans up old MozTemp-* directories that I've been leaving around on people's hard disks.
- GMP Sandboxing
- question for Bob: configuring Windows to not run unsigned software (Adobe CDM)?
- bug 1164948 - Sign GMP plugins (from HN: https://news.ycombinator.com/item?id=9533260)
- NPAPI Sandboxing
- Try build of NPAPI sandbox for Win64 testing.
- Other Windows Work
- bug 1146874 - Firefox crashes when sandbox process start fails - landed - have asked for uplift to Aurora and Beta (for the GMP related parts). Need to file follow-ups to decide how the parent process should better handle the fact that the child process has failed to start.
- Progess on GameGuard conflict. Have had contact with someone from INCA and they are looking into the problem.
Linux/B2G
- Content Sandboxing
- GMP Sandboxing
- The chroot-to-dead-directory approach being used was broken on Docker; that's fixed pending landing (https://bugzilla.mozilla.org/show_bug.cgi?id=1162965 )
- The interim fix isn't quite right; have better fix, needs posting & review.
- (This will eventually also apply to content but we're not there yet.)
- Good news: otherwise this will all Just Work on the new CI, both mochitests and gtests (as opposed to getting no testing, as at present).
- The chroot-to-dead-directory approach being used was broken on Docker; that's fixed pending landing (https://bugzilla.mozilla.org/show_bug.cgi?id=1162965 )
Round Table
- WebRTC and network addresses (related to https://bugzilla.mozilla.org/show_bug.cgi?id=969715 )