Security/Sandbox/2016-07-14
From MozillaWiki
« previous week | index | next week »
bobowen
- bug 1252877 - Add support for taking plugin window captures at the start of a scroll - most reviews in, part 2 updated following review.
- bug 1273765 - Crash in mozilla::gfx::RecordedSetTransform::PlayEvent - patch up for review, but may well not be acceptable. bug 1285942 filed to deal with the crash more directly.
haik
- bug 1274540 - Record sandboxing status in crash reports - patch on reviewboard
- bug 1284291 - Add the 'com.apple.fonts' service to the sandbox profile. - Nightly/Sierra not stable for me right now
tedd
- land/review patches for nightly bugs tracked by bug 1280415
- updated wiki page for splitting up milestones/triaged current milestones
gcp
- Firefighting seccomp landing
- Approving patches
aklotz
- bug 1285356 - Windows DLL blocklist bustage - r+'d just need to address any comments and land
Roundtable
(Brought up earlier) Linux stack unwinding:
- Imprecise unwinding and no line info from system libraries is a problem for SIGSYS triage
- Client-side stack walking is being worked on: bug 1280469
- There are also some half-finished tools for scraping some distros' debug packages; :ted knows.
- But the stack scanning data can be used as-is; might need tracking down packages and disassembling/RE.
Non-crashing bug reporting:
- For deciding how to stop allowing syscalls later.
- Need some kind of live stack walks
- client-side breakpad mentioned above?
- Background hang telemetry does… something.
- _Unwind_Backtrace and hope there's no reentrancy?
- Need a bug for this 1286865