Security/Sandbox/2016-07-07

From MozillaWiki
Jump to: navigation, search

« previous week | index | next week »

tedd

haik

  • bug 1270018 - NS_APP_CONTENT_PROCESS_TEMP_DIR should only return the sandbox writeable temp - ready to land, sorting out test failure
  • bug 1274540 - Record sandboxing status in crash reports - will have patch up today hopefully
  • bug 1284291 - Add the 'com.apple.fonts' service to the sandbox profile. - working on getting macOS Sierra VM

bobowen

  • bug 1252877 - Add support for taking plugin window captures at the start of a scroll - patches pretty much ready for review
  • bug 1280159 - Page Setup Margin Widths use Millimeters Instead of Inches (for paper Legal US e.g.) - landed and uplifted to beta
  • bug 1273765 - Crash in mozilla::gfx::RecordedSetTransform::PlayEvent - being caused by an invalid cairo surface during print, need to find out why. Also possibly need to look into handling these sorts of problems instead of crashing.

gcp

  • Landed seccompf enable
  • bug 1284240 Telemetry for seccomp-bpf support looks faulty
  • Module ownership/peer changes

roundtable

  • divide linux milestones into smaller chunks?
    • sblc1: getting seccomp on nightly
    • sblc2: remove/restrict read file system access
    • sblc3: remove/restrict write file system access
    • sblc4: remove/restrict socket access + X11
    • slbc5: use chroot & user namespaces
    • x11 restrictions milestone?
  • sbmc1: added 1284588 OS X: Disable content process write access to user files in the home directory