Security/Sandbox/2016-03-03
From MozillaWiki
« previous week | index | next week »
Contents
Windows
- Content Sandboxing
- bug 1245309 - D3D11CreateDevice fails with E_FAIL in sandbox - another repro, but still not confirmed if same people have problem in chromium gpu process - dvander/mchang to check next week.
- bug 1253247 - Attempting to print silently from the child causes a crash as there is no RemotePrintJob - patch up for review.
- {bug|1189846}} - Print Edit 15.10 and bug 1236015 - Windows 10 print to PDF bug - looking through how more of printing works to work on fixes for these. In particular print progress and not accessing print devices in the child.
OS X
- Content Sandboxing
- bug 1237847 - [e10s] Null deref crash when running test_pluginstream_newstream.html -- Landed
Cross Platform
- Content Sandboxing
- bug 1236108 - Sandboxed tmp paths need to be hooked up to system APIs to be picked up by crash reporter -- Under review
- WebRTC/OpenH264 Sandboxing
- bug 1207431 Intermittent leakcheck | default process: 600 bytes leaked (CondVar, Mutex, nsRunnable, nsTArray_base, nsThread, ...)
- bug 1252647 New: Intermittent e10s LeakSanitizer | leak at NewPage, nsEventQueue::PutEvent, take, nsThread::PutEvent
- bug 1249365 Latest Nightly 47.0a1 breaks Hello - No camera/microphone found
- Chromium IPC Code
- bug 1236358 - Picked up this bug
- bug 777067 - (fuzzing-ipc-ipdl) Fuzzing: IPC Protocol Definition Language (IPDL) Protocols -- Investigating the unfixed bugs this still depends on -- Hard to tell the impact of instances of assertion failures, need non-debug analysis/testing
Round Table
- Can we shift this meeting back to the top of the hour?
- Are environment variables the best way to allow the sandbox to be turned off/weakened for testing? Chrome uses and command line switch I believe.
- We're using JS prefs right now no? (Minus the DEBUG_CONTENT mess)
- Clarified this is about pref to allow lowering sandbox protection
- Child writable prefs.
- Tracking Proposal
- Whiteboard tags
- sb+ = bugs we don’t want to lose track of but do not block: test failures, future, bugs we can’t reproduce, etc.. Will eventually be re-triaged before a rollout.
- sb- = not tracking: unrelated to core goals, b2g specific
- sb(o)(p)1 through sb(o)(p)n = sandbox release milestones. individual sandbox milestones (OS - o = w - Windows, m - Mac, l - Linux, Process type - p = c - content, g - GMP, n - NPAPI) that have different target dates. Simply a way of generating a list of bugs that block a specific sandbox or feature rollout.
- sb? = bugs that needs to be triaged by the team on a weekly basis (tb replaced with plat-int tracking flag at some point)
- meta: good general organizational bugs, need to make sure they are tagged with ‘meta’ so we can filter them out of buglists.
- platform info: set appropriate platform information on individual bugs (win, mac, linux, all)
- block goals tied to trains to keep the momentum.
- Whiteboard tags
- Define two starting milestones for each platform:
- Windows (content)
- sbwc1 - Let the level 1 (low integrity) sandbox ride the trains
- sbwc2
- Windows 64 (NPAPI plugin)
- sbwn1
- sbwn2
- OSX
- sbmc1 - example: Enable basic sandbox on Nightly?
- sbmc2
- Linux
- sblc1 - example: Enable basic sandbox on Nightly?
- sblc2
- Windows (content)