Security/Sandbox/2018-03-01


jld

  • GPU things
    • Have emailed graphics people for info.
    • bug 1440206 - connect() brokering may not be a good idea
      • nvidia's thing is SOCK_DGRAM; Primus is… probably not common? But I don't think we have telemetry?
    • bug 1442055 to do something about Primus; need to gather more info in glxtest to even detect it
    • bug 1438391 - weakened sandboxing for VirtualGL (which helpfully sets env vars to announce itself)
    • bug 1438394 - Still no idea about fglrx; asked graphics people for advice on that too.
  • bug 1438401 - “fixed” Cairo shm usage by failing shmget()
    • Removed the XShmQueryExtension shim but forgot the #include. Oops.
  • Continued reviewing / advising on bug 1438678


gcp

  • bug 1438394 The fglrx detection from bug 1376910 is sometimes not working.
  • can't reproduce, individual parts are fine...?!?! last try will be installing same debian+fglrx
  • bug 1438215 Sandbox breaks ATI fglrx driver
  • Appears to be strange interaction with broker - Allow()ing filesystem calls will cause an immediate crash
  • reviews incl. SafeBrowsing


tjr

  • 1441558 Landed a MinGW Debug fix by stubbing out Poison IO Interposer
  • bug 1411401 MinGW Build Doesn't Run
    • Talked with Bob about this a little bit, I now suspect it's an IPC error, in that the object created in one process isn't being passed to the other
    • https://pastebin.mozilla.org/9078888
  • Float Stuff
    • bug 1430173 - ESR Patch for 2ms - working on landing
    • bug 1425462 - Timer Jittering - going to try and land this today. Some test failures I don't think are related but can't tell
    • bug 1440195 - Began work on the context pointer
  • Working on getting a successful LTO build of Firefox for the suggest-final warnings
  • Fingerprinting
    • Need to work on bug 1418162, but blocked. Told it will be done though, and it's a small bug
    • bug 1376865 - Canvas Permission prompt is done, landed in central and beta (yay!)
    • bug 1409973 - Locale/Timezone fix - landed!
  • Investigated where JIT Constant Blinding is. asm.js is going to be tough to mitigate. I'm probably going to need the JIT team to help/do this. =/
  • Concerned about where Memory Partitioning is, need to talk to someone over there about it.

haik

  • bug 1432567 - [Mac] Add a test that renders fonts from non-standard directories
    • Test is working locally for me with 10.13, fails on try with 10.10
    • Failure has me concerned, need to debug
  • bug 1437281 - OSX dragging image to desktop changes OSX File associations
    • Have a fix that uses a sync message
  • bug 1433577 - [Mac] Enable sandboxing for the Flash NPAPI plugin process
    • Have some questions out to Adobe
    • The file dialog trickery requires using some services I'm not comfortable with

Alex_Gaynor

  • bug 1348361 - make spawning new content processes not block the main thread
    • fixed performance issues with the patch
    • failing tests on Linux I need to resolve
    • Will need a follow-up patch to actually get the benefits of non-blocking

bobowen

  • bug 1409063 - FF 56.0.1 x64 on W7x64: now creating events in "Microsoft-Windows-Known Folders/ Operational" event log, "Error 0x80070005 occurred while creating known folder" for all known folders, upon each FF startup.
    • Patch landed.
  • bug 1396984 - Scrollbar becomes black on first connection of second screen
    • Problem due to GDI indexes getting out of step because of unprocessed internal windows messages.
    • Landed patch to do a single event pump, where we used to do many and/or wait for native events.
  • bug 1441801 - Removed the chromium sandbox DLL blocking, that was Nightly only - on inbound.
  • bug 1423628 - Allow not processing native events to ride the trains - on inbound.
  • bug 1441824 - Allow level 5 (Alternate Desktop) to ride the trains - on inbound.

handyman

Roundtable