Security/Sandbox/2017-08-24
From MozillaWiki
« previous week | index | next week »
Contents
bobowen
- bug 1392570 - Firefox fails to launch on Windows 7 when already running in a job.
- Up for review.
- bug 1385928 - Mozregression launched nightly after 2017-07-30 don't load start page
- Chromium have just (last week) landed a change to the way the get the EXE's base address, I'll take their new function tomorrow.
- no bug yet - improve telemetry when sandbox child fails to launch.
- Fun and games with GMP
Alex_Gaynor
- win32k lockdown research: discussion with James Forshaw (P0, Chromium's win32k lockdown), doesn't look like Windows has anything better than windbg for grabbing all the stacks we want
- Alternate Desktops for Windows content process
- Code landed in Chromium sandbox lib to support it
- Debugging failures with GMP with it enabled
gcp
- bug 1382323 Firefox 54 on Fedora 26 doesn't launch custom protocol handler
- bug 1392640 assert len(self._whitelistpaths) <= 2 when running mach reftest
- bug 1376910 Remove SysV IPC access from content processes
- Dealing with Fedora/KVM and older Ubuntu/older box (fglrx, AMD GPU) setups
haik
- bug 1391186 - Thunderbird loses setting as default email client when "mailto" triggered by Firefox 56/57
- Landed:
- bug 1382260 - [mac] Sandbox breaks font rendering for users with fonts managed via Linotype FontExplorerX or RightFont
- needs uplift
- Filed new bug for a better fix
- bug 1390346 - Redirects to moz-extension:-URLs fail when loaded from a xpi, but succeed when extension is unpacked
- needs uplift
- bug 1382260 - [mac] Sandbox breaks font rendering for users with fonts managed via Linotype FontExplorerX or RightFont
handyman
- bug 1382251 - Brokering https in NPAPI process
- bug 1388903 - invalid HWND in PrintDlg
- Definitely sandbox. Goes back to bug 1300083, which fixed NPAPI sandbox init
- Likely can also be brokered assuming Adobe's use is limited
jld
- bug 1384986 - dconf fixes finally landed
- bug 1382442 - tested gconf patch, wrote up rationale (basically, gconf in content procs is already broken)
- bug 1382323 - Revenge of the MIME service; tried to reproduce, haven't succeeded yet, ran into bug 227246
- Some reviews & poking at new IPC bugs
- Not me, but: bug 1391523 - prototype audio remoting is going to land (whoo non-C++ IPC stuff)
- bug 1376910 - SysV; had an idea about the mysterious Cairo failures