Commit Graph

664 Commits

Author SHA1 Message Date
Carsten "Tomcat" Book
038afacb9f Backed out changeset 2ae22a66e02d (bug 1366694) for memory leaks 2017-07-11 13:14:55 +02:00
Carsten "Tomcat" Book
05734fd002 Backed out changeset 88b71119fbf8 (bug 1366694) 2017-07-11 13:14:38 +02:00
Carsten "Tomcat" Book
7e0d52f50e Merge mozilla-central to inbound 2017-07-11 13:00:28 +02:00
Bob Owen
db58bdb9ca Bug 1377555 Part 3: Don't use restricting SIDs when running from a network drive. r=jimm 2017-07-11 09:44:21 +01:00
Bob Owen
bbf27f0cae Bug 1377555 Part 2: Add option to Windows chromium sandbox policy to not use restricting SIDs. r=jimm 2017-07-11 09:44:20 +01:00
Bob Owen
01f2685a30 Bug 1377555 Part 1: Back out changesets 04edb03fb817 and d17ac655cc51. r=jimm
This backs out the previous change to detect and change the sandbox policy
when running from a network drive.
2017-07-11 09:44:20 +01:00
Alex Gaynor
f514ff97b3 Bug 1379182 - Remove some unnecessary file-write permissions types from the content process on macOS; r=haik
On macOS, the file-write* permission type contains numerous sub-permissions (see
bug for full listing). Restrict the ones we allow to only the two we need:
file-write-create and file-write-data. This primarily reduces kernel attack
surface, I'm not aware of any bad things that could be done directly with the
removed permissions.

MozReview-Commit-ID: 3VvjFesy2qx

--HG--
extra : rebase_source : 934ec17c44c9ef3d7fab29919d66cf1a55d57697
2017-07-07 11:05:01 -04:00
Wes Kocher
5dd57ee395 Merge m-c to inbound, a=merge
MozReview-Commit-ID: IVwrN2VivZT
2017-07-07 17:30:32 -07:00
Wes Kocher
fd4857585c Merge autoland to central, a=merge
MozReview-Commit-ID: Lf7ROINgvql
2017-07-07 17:22:00 -07:00
Alex Gaynor
d40ad40466 Bug 1376976 - Restrict sysctl access in the content process to a whitelist of sysctl names. r=jld, r=haik
MozReview-Commit-ID: 14yoiP1gskM
2017-06-29 13:55:15 -07:00
Haik Aftandilian
c610a4c66b Bug 1376163 - [10.13] No audio playback on YouTube, no audio/video on Netflix (macOS High Sierra 10.13 Beta). r=Alex_Gaynor
Allow access to the "com.apple.audio.AudioComponentRegistrar" API on 10.13+ systems.

MozReview-Commit-ID: 8gWXvuXTNKi

--HG--
extra : rebase_source : 8abf9a2548d915a89adfa82580d46c1bc00726d8
2017-07-06 14:09:11 -07:00
Sylvestre Ledru
4e9cf83ee8 Bug 1378712 - Remove all trailing whitespaces r=Ehsan
MozReview-Commit-ID: Kdz2xtTF9EG

--HG--
extra : rebase_source : 7235b3802f25bab29a8c6ba40a181a722f3df0ce
2017-07-06 14:00:35 +02:00
Jed Davis
1a4ac1cd36 Bug 1372428 - Extend file pre-opening for sandboxed media plugins. r=gcp
MozReview-Commit-ID: JoyYocxnk94
2017-07-07 08:58:50 -06:00
Jed Davis
1bc1050e9e Bug 1372428 - Deal with fcntl() in media plugins. r=gcp
MozReview-Commit-ID: 9kBowGtSPYO
2017-07-07 08:58:45 -06:00
Jed Davis
b2df5f5afd Bug 1372428 - Deal with uname() in media plugins. r=gcp
MozReview-Commit-ID: JVzjs80Yuex
2017-07-07 08:58:33 -06:00
Carsten "Tomcat" Book
7857fa0a5e merge mozilla-inbound to mozilla-central a=merge 2017-07-06 11:18:05 +02:00
Gian-Carlo Pascutto
84f7ba492b Bug 1377614 - Part 1 - Move IsDevelopmentBuild() to common code. r=Alex_Gaynor
MozReview-Commit-ID: AcO0XaMS4Gp

--HG--
extra : rebase_source : ec40a94545fa78ce0210a0614db82b7bcb7e8a97
2017-07-03 11:17:04 -07:00
Sebastian Hengst
8b1992d948 Backed out changeset 9137ed21a66f (bug 1377614) for bustage: not finding mozilla/SandboxSettings.h at netwerk/protocol/res/ExtensionProtocolHandler.cpp:46. r=backout 2017-07-05 22:51:58 +02:00
Gian-Carlo Pascutto
2032eb5262 Bug 1377614 - Part 1 - Move IsDevelopmentBuild() to common code. r=Alex_Gaynor
MozReview-Commit-ID: AcO0XaMS4Gp

--HG--
extra : rebase_source : 2fa012f693ad7855c2c6e7b8399edf3c0e734299
2017-07-03 11:17:04 -07:00
Alex Gaynor
53f0246cfd Bug 1377164 - Improve the readability of the macOS plugin sandbox policy; r=haik
MozReview-Commit-ID: 9R8qT98ESQJ

--HG--
extra : rebase_source : 537f0dc3c46bee9b8e295689fbcbc8c63415c5d1
2017-06-29 10:53:04 -07:00
Phil Ringnalda
22cb9f77bb Merge m-c to m-i
MozReview-Commit-ID: H6zGgEm7oOM
2017-07-04 20:32:07 -07:00
Jan Keromnes
09971ac7d3 Bug 1376643 - Use 'override' and '= default' on applicable methods in security/sandbox/. r=gcp 2017-06-27 17:57:00 +02:00
Jan Keromnes
df076300b1 Bug 1376643 - Use 'nullptr' where applicable in security/sandbox/. r=gcp 2017-06-27 17:56:00 +02:00
Bob Owen
25e5ff4cde Bug 1366694 Part 2: Don't run sandbox file system test in DEBUG on Windows. r=jimm
This is because in DEBUG mode we currently give full access to TEMP dir
for logging purposes and the temporary profile is created in the TEMP dir.
2017-07-11 09:44:20 +01:00
Bob Owen
ecbd6ca808 Bug 1366694 Part 1: Allow user handles in the content process job in DEBUG builds. r=jimm 2017-07-07 15:51:17 +01:00
Alex Gaynor
b636380391 Bug 1374557 - Part 1 - Add the ability to specify a list of paths to whitelist read access to in the macOS content sandbox; r=haik
MozReview-Commit-ID: HXBkyR7Tts2

--HG--
extra : rebase_source : 6daf50a4d7a4ff2ff85dfac43891149353e813aa
2017-06-21 10:19:28 -04:00
Alex Gaynor
bb1ea70f5f Bug 1357758 - Replace the file-read blacklist in the macOS sandbox policy with a whitelist of the allowed paths; r=haik
This makes the policy easier to audit, harder to regress, and easier to further prune the content process's permissions.

MozReview-Commit-ID: 6VqEoGsWSGH

--HG--
extra : rebase_source : 58a9d35dd6e58624779294b49df5cc7e34cb4320
2017-04-18 15:57:54 -04:00
Wes Kocher
bfc45b98b9 Merge m-c to inbound, a=merge
MozReview-Commit-ID: 9XdoB5MuVz6
2017-07-05 17:17:41 -07:00
Bob Owen
1eb1c9091d Bug 1378061: Only set user's SID in USER_LIMITED as deny only when not using restricting SIDs. r=jimm 2017-07-05 21:00:55 +01:00
Carsten "Tomcat" Book
7918eeee02 merge mozilla-inbound to mozilla-central a=merge 2017-06-28 13:23:29 +02:00
Jed Davis
8e5d5bda0f Bug 1362537 - Re-disallow accept4 in Linux content processes. r=gcp
MozReview-Commit-ID: Gml8lR1Heu1

--HG--
extra : rebase_source : 6b466f887bd1802277a506295a9c6cc575196385
2017-06-27 14:52:25 -07:00
Gian-Carlo Pascutto
f2e7c8b77a Bug 1374281. r=jld
MozReview-Commit-ID: Ko5m5i4Wkd6

--HG--
extra : rebase_source : 3076315ef3639a89f752addbb01d5d08a9c2db75
2017-06-19 20:07:38 +02:00
Bill McCloskey
f115503a0b Bug 1372405 - Provide names for all runnables in the tree (r=froydnj)
MozReview-Commit-ID: DKR6ROiHRS7
2017-06-26 14:19:58 -07:00
Nicholas Nethercote
f1364a75ea Bug 1374580 (part 3) - Remove ns{,C}Substring typedefs. r=froydnj.
All the instances are converted as follows.

- nsSubstring  --> nsAString
- nsCSubstring --> nsACString

--HG--
extra : rebase_source : cfd2238c52e3cb4d13e3bd5ddb80ba6584ab6d91
2017-06-20 19:19:52 +10:00
Florian Quèze
66f6d259bc Bug 1374282 - script generated patch to remove Task.jsm calls, r=Mossop. 2017-06-22 12:51:42 +02:00
Alex Gaynor
1141573ee9 Bug 1374660 - Removed redundant declarations from macOS content sandbox policy; r=haik
MozReview-Commit-ID: Gw6AnH8r9sL

--HG--
extra : rebase_source : 62bb4dc335ab3f38a42543a488d07129a8d92a33
2017-06-20 10:27:18 -04:00
Bob Owen
caa7e3c377 Bug 1368600: Add telemetry with the error code for when a Windows sandboxed child process fails to start. r=jimm, data-review=francois 2017-06-13 08:54:41 +01:00
Randell Jesup
b0a3a49ce8 Bug 1361703: enable NR_epoll_create/create1 in linux sandbox r=jld
Enables creating new libevent epoll queues on Linux
2017-06-13 01:54:20 -04:00
Jed Davis
da2db41a9c Bug 1362601 - Don't crash on sandbox violation if known-problem injected libs are present. r=gcp
MozReview-Commit-ID: HCbavpMUxYm

--HG--
extra : rebase_source : ec0cc9dcbf07831209b438504311b45f5b8990a8
2017-06-07 16:33:11 -06:00
Alex Gaynor
0403c42ccf Bug 1371701 - Fixed sandboxing tests to reflect that we're enabling file content process for all channels r=bobowen
MozReview-Commit-ID: ICXZjEU2n6L

--HG--
extra : rebase_source : f28d5d61f6a0cdfecb2804239c407c730c4fd2ba
2017-06-09 11:24:07 -04:00
Bob Owen
a3df44ccee Bug 1323188: Don't use restricting SIDs in the sandbox access tokens when running from a network drive. r=jimm 2017-06-07 20:20:02 +01:00
Jed Davis
039a1c2b5c Bug 1321134 - Allow access to dconf shared-memory flags. r=gcp,glandium
DConf uses small memory-mapped files for the writer to signal readers
to invalidate cached data; the file is created by the first reader and
readers will write to it to force storage allocation.

If we don't allow opening the file, DConf will still work, but it will
reread the database on every pref access, and it prints messages on
stderr claiming it won't work.  So we should avoid that.

MozReview-Commit-ID: 9xoBIhtu5cu

--HG--
extra : rebase_source : 582b3bc30f2181b6564eefa34082a561f9cc0c28
2017-05-30 07:10:15 -06:00
Alex Gaynor
e43d5d424f Bug 1370540 - Extend the level 3 content sandbox filesystem read blacklist to include /Network and /Users; r=haik
MozReview-Commit-ID: 6RfS5aYRghK

--HG--
extra : rebase_source : c8d084d42dc2b37e4a0642e1a72bdd514a68d465
2017-06-06 10:48:06 -04:00
Daniel Holbert
2a87f6e3c3 Bug 1369837: Add a void cast to silence clang Wcomma build warning, in sandbox's snapshot of chromium header. r=bobowen
The build warning is for "possible misuse of comma operator".

The comma operator is a bit of a footgun because its first operand's result
just gets dropped on the floor (in this case, the result of the DCHECK
expression).  It appears that Chromium's use of the comma operator here is
intentional, though -- so we might as well accept clang's suggestion and "cast
expression to void to silence warning".

This is also filed upstream as:
 https://bugs.chromium.org/p/chromium/issues/detail?id=729123

MozReview-Commit-ID: Al2xsYEo3p0

--HG--
extra : rebase_source : 68d01b50ff1f07b68ddc0eeb7280ac412ac92932
2017-06-02 12:45:01 -07:00
Jed Davis
b129f08d7f Bug 1322784 - Gently fail utime(), to deal with GConf/ORBit. r=gcp
MozReview-Commit-ID: B4LmSGR6OEz

--HG--
extra : rebase_source : 613409994c0ba50c34c57537343484f1dc85b7aa
2017-05-30 23:13:37 -06:00
Alex Gaynor
d27dc0ba0b Bug 1358223 - Part 1 - On Windows and macOS hardcode the minimum content sandbox level at 1. r=bobowen,haik,jimm
If the "security.sandbox.content.level" preference is set to a value less than
1, all consumers will automatically treat it as if it were level 1. On Linux and
Nightly builds, setting the sandbox level to 0 is still allowed, for now.

MozReview-Commit-ID: 9QNTCkdbTfm

--HG--
extra : rebase_source : cd5a853c46a5cd334504b339bef8df30a3cabe51
2017-05-12 17:04:42 -04:00
Sebastian Hengst
fd03aa5bc8 Backed out changeset 4e283b54baa6 (bug 1358223) for build bustage on Android at dom/ipc/ContentChild.cpp:21. r=backout 2017-05-31 21:34:13 +02:00
Alex Gaynor
39f34ea898 Bug 1358223 - Part 1 - On Windows and macOS hardcode the minimum content sandbox level at 1. r=bobowen,haik,jimm
If the "security.sandbox.content.level" preference is set to a value less than
1, all consumers will automatically treat it as if it were level 1. On Linux and
Nightly builds, setting the sandbox level to 0 is still allowed, for now.

MozReview-Commit-ID: 9QNTCkdbTfm

--HG--
extra : rebase_source : 1a26ffc5b9f80e6df4c37c23f506e907ba44053a
2017-05-12 17:04:42 -04:00
Alex Gaynor
1532472698 Bug 1368771 - Added a test which verifies that on macOS /Volumes isn't readable at sandbox level 3 r=haik
r?haik

MozReview-Commit-ID: HPW4luz5n0M

--HG--
extra : rebase_source : c224b56de4b705758e2ab7820af02a4ef41d4040
2017-05-30 13:52:57 -04:00
Jed Davis
f6b03fa260 Bug 1355274 - Polyfill SOCK_DGRAM socketpairs with SOCK_SEQPACKET, for libasyncns. r=gcp
MozReview-Commit-ID: 2DeklSGsjUV

--HG--
extra : rebase_source : 8a202c23dc9a3ddede49b08ce1e0792dfb40bdbf
2017-04-11 20:55:34 -06:00