Security/Sandbox/2015-08-06

From MozillaWiki
Jump to: navigation, search

« previous week | index | next week »

Windows

  • Content Sandboxing
    • bug 1189352 - NSPR_LOG_FILE=<absolute path> still not working from sandbox child process on Windows - landed
    • bug 1156742 - print to xps with low integrity sandbox:
      • Raised EMF license discussion bug.
      • Raised EMF security discussion bug.
      • Web fonts seem to work, but need to look into it further to be sure.
  • NPAPI Sandboxing
    • bug 1185529 - Flash AS2 Key.isDown recently broken - reviewed waiting to see if aklotz sees any conflicts with aync plugin init.
    • bug 1182411 - Flash settings menu doesn't work on windowless plugins with low integrity sandbox - patch working with async need to get posted and reviewed.


Linux/B2G

  • Content Sandboxing
    • bug 1185118 is being a problem; q.v.
      • Can at least try asking for 2.2 uplift on bug 1176085 to (hopefully?) fix bug 1187408; it's possible that release management won't be as averse to the side effects as I think they will.
      • Also, could land a patch to increase the timeout & see what happens on crash-stats, but that's kind of ew. (Also there's approximately 1/day so far, so how long would it take to have a significant result?)
      • Fun fact: this is the #6 topcrash on Flame and #10 on B2G KitKat.


Cross Platform

  • WebRTC/OpenH264 Sandboxing
    • Performance measurement (continued)
    • Nagging reviewers
  • nsWebBrowserPersist
    • ...has finally landed on inbound!