Security/Sandbox/2017-01-12

« previous week | index | next week »

haik

• bug 1309394 - Introduce automated tests to validate content process sandboxing works as intended
  • On autoland, will uplift to 52
• bug 1324610 - Printing on OS X makes firefox unusable
  • Landed and uplifted to 52
• bug 1329822 - file:// documents can't use <a download=foo.txt> to set a download name/force a download
  • Have a fix that appears to work, I need understand the remoteType code a bit more
  • https://treeherder.mozilla.org/#/jobs?repo=try&revision=76b959de8cd31ed2a1b9dcd4ff12d220661fbbb1

bobowen

• bug 1321724 - [e10s] Local HTML cannot be opened in Firefox 50
  • Try build for reporter to test.
  • USER_NON_ADMIN is whitelist not blacklist.
• bug 1324064 - [e10s] printing causes content process to crash with Foxit Reader PDF
  • Landed and uplifted to Aurora.
• bug 1328257 - Perma failure in browser_webconsole_bug_595223_file_uri.js when Gecko 53 moves to Aurora
  • To do with file content process not being enabled.
  • Fix landed.
• bug 1152353 - FX 37.0.1 Printer Properties Freeze
  • Can reproduce similar problem, it's to do with nested processing when print dialog shown I believe.
  • Working on a possible fix.
  • Related to bug 1243375, which is a fairly common shutdown hang (Currently #40).
• bug 1321566 - uplifted to Aurora.
• bug 1324000 - landed and uplifted to Aurora.

tedd

• bug 1325647 - automated integer bound checking for IPC
  • billm wanted the entire thing to be only in c++
  • wrote a new PoC, attached to bug, asked for feedback

gcp

• bug 1329216 crash on "print" in print dialog
• bug 1330326 Make sandboxing policy more configurable via preferences
• mingw build fixes for tor
• X11 procotol and rust

handyman

• bug 1306698 - When resize content/window, image under the flash plug-in is briefly display
  • really two bugs: both believed to be for Adobe. Details on both are in the bug.
  • Also has a patch (up for review) to fix some minor PluginFrame issues in the Direct Drawing case.
• bug 1284897 - 64 bit Flash Player has storage permissions issues
  • still wip
• bug 1329328 - 64-bit Firefox on Win10 - Flash Downloads result in OS Permission errors
  • looks like bug 1284897
• bug 1307708 - Crash in [...] mozilla::plugins::PPluginModuleChild::CallGetKeyState
  • Still no STR but I have an idea to pursue with m_kato
• bug 1312788 - Add console warning and telemetry if service workers are used in the file content process
  • "please request approval by setting the feedback flag for the data collection module owner or a peer"? -- feedback bsmedberg
• bug 1306239 - Add pref to toggle OS X sandbox violation debugging, default off
  • Some violations are logged even with debug messages turned off. They come from e.g. the appleevents daemon. There seems to be nothing we can do about them.
  • haik suggests we default to 'on' for now.
  • Patch is r+
• bug 1251202 - Implement Default Audio Device Notifications for NPAPI plugins on Windows
  • Adobe just reported an issue with this on 32-bit.

jld

• bug 1326361 - socket audit: did a little experiment, found DBus
  • Not yet known: what opened it, what breaks if it's revoked
• bug 1286865 - took
• bug 778201 - reopened to ni? about whether NPAPI using the proxy service can just go away
• wrote up an alternate idea for the bounds checking thing
• Took a look at https://github.com/servo/gaol — interesting; takes different approaches in some cases; probably not useful vs. what we already have
  • Doesn't use a broker; instead, depends on namespaces & bind-mounts stuff into a tmpfs
  • fork+unshare+fork, and making parent process a subreaper, to spawn into new pid namespace

roundtable

• Media sandboxing discussion from last week: pointed out risks of camera/voice access sharing

sandbox with networking