Security/Sandbox/2017-08-24

From MozillaWiki
Jump to: navigation, search

« previous week | index | next week »

bobowen

  • bug 1392570 - Firefox fails to launch on Windows 7 when already running in a job.
    • Up for review.
  • bug 1385928 - Mozregression launched nightly after 2017-07-30 don't load start page
    • Chromium have just (last week) landed a change to the way the get the EXE's base address, I'll take their new function tomorrow.
  • no bug yet - improve telemetry when sandbox child fails to launch.
  • Fun and games with GMP

Alex_Gaynor

  • win32k lockdown research: discussion with James Forshaw (P0, Chromium's win32k lockdown), doesn't look like Windows has anything better than windbg for grabbing all the stacks we want
  • Alternate Desktops for Windows content process
    • Code landed in Chromium sandbox lib to support it
    • Debugging failures with GMP with it enabled

gcp

  • bug 1382323 Firefox 54 on Fedora 26 doesn't launch custom protocol handler
  • bug 1392640 assert len(self._whitelistpaths) <= 2 when running mach reftest
  • bug 1376910 Remove SysV IPC access from content processes
  • Dealing with Fedora/KVM and older Ubuntu/older box (fglrx, AMD GPU) setups

haik

  • bug 1391186 - Thunderbird loses setting as default email client when "mailto" triggered by Firefox 56/57
  • Landed:
    • bug 1382260 - [mac] Sandbox breaks font rendering for users with fonts managed via Linotype FontExplorerX or RightFont
      • needs uplift
      • Filed new bug for a better fix
    • bug 1390346 - Redirects to moz-extension:-URLs fail when loaded from a xpi, but succeed when extension is unpacked
      • needs uplift

handyman

  • bug 1382251 - Brokering https in NPAPI process
  • bug 1388903 - invalid HWND in PrintDlg
    • Definitely sandbox. Goes back to bug 1300083, which fixed NPAPI sandbox init
    • Likely can also be brokered assuming Adobe's use is limited

jld

  • bug 1384986 - dconf fixes finally landed
  • bug 1382442 - tested gconf patch, wrote up rationale (basically, gconf in content procs is already broken)
  • bug 1382323 - Revenge of the MIME service; tried to reproduce, haven't succeeded yet, ran into bug 227246
  • Some reviews & poking at new IPC bugs
  • Not me, but: bug 1391523 - prototype audio remoting is going to land (whoo non-C++ IPC stuff)
  • bug 1376910 - SysV; had an idea about the mysterious Cairo failures
Retrieved from "https://wiki.mozilla.org/index.php?title=Security/Sandbox/2017-08-24&oldid=1180461"