Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-22 09:45:41 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
562,634 Commits 615 Branches 98 Tags 5.9 GiB
2a15781174
Commit Graph

105 Commits

Author SHA1 Message Date
Haik Aftandilian
c0bfbc91e0 Bug 1393805 - Part 2 - Add Mac whitelisted directory for system extensions development. r=Alex_Gaynor 
MozReview-Commit-ID: ADkcqFAsKaY

--HG--
extra : rebase_source : 02db543e05109e764228862ef5c760a0132eb4c2
 2017-10-05 16:06:36 -07:00
Sebastian Hengst
6c211079d0 Backed out changeset 8198bc4c7e3c (bug 1393805) 2017-10-05 00:20:11 +02:00
Haik Aftandilian
165980edfa Bug 1393805 - Part 2 - Add Mac whitelisted directory for system extensions development. r=Alex_Gaynor 
MozReview-Commit-ID: ADkcqFAsKaY

--HG--
extra : rebase_source : 492194ea7914d6f09b349f95b3eeea0bd003256a
 2017-09-27 13:27:39 -07:00
Alex Gaynor
535c9e8dc3 Bug 1380674 - remove the ability to create directories in the content temp directory on macOS; r=haik 
MozReview-Commit-ID: 8SDcDTqp2F5

--HG--
extra : rebase_source : e8094606e5a302db41f7d7fd22656b7e8697d549
 2017-10-03 09:49:44 -04:00
Alex Gaynor
d755224ded Bug 1403567 - Remove unused access to AppleGraphicsPolicyClient iokit from content process; r=haik 
MozReview-Commit-ID: 9yTMgo2FNKm

--HG--
extra : rebase_source : 72cc3a295d8823460aae21ebe149ece2df69d087
 2017-09-26 13:05:18 -04:00
Haik Aftandilian
414270b14a Bug 1403669 - [Mac] Per-user and system extensions dir regexes only work for 1-character subdirectory names. r=Alex_Gaynor 
MozReview-Commit-ID: L9vNruzMEez

--HG--
extra : rebase_source : 8530cbf1baef919a5a379564d190fb08674aa28d
 2017-09-27 11:48:39 -07:00
Alex Gaynor
d1aef777b6 Bug 1404426 - Simplify the macOS content sandbox policy; r=haik 
This does two things:

1) Move the level 3 rules to always be applicable, and simplifies level 2 accordingly
2) Consistently uses the raw string literal syntax for regexes

MozReview-Commit-ID: 6iwjOvRVMM7

--HG--
extra : rebase_source : 3ac59219ad0793a98bdb203fb3d247561216a560
 2017-09-29 13:13:49 -04:00
Haik Aftandilian
f39cc5cc25 Bug 1401756 - [Mac] Remove unneeded mach-lookups from plugin sandbox rules. r=Alex_Gaynor 
MozReview-Commit-ID: JsgBzNJC4zF

--HG--
extra : rebase_source : deffeff5e6d39318c55bf3d487071139abaf3c92
 2017-09-20 14:05:27 -07:00
Alex Gaynor
79cf374320 Bug 1403210 - Remove unused access to AppleSNBFBUserClient iokit from content process; r=haik 
MozReview-Commit-ID: K4Z48UFfq2w

--HG--
extra : rebase_source : 8664f3e04503ecc48813d45d26b5433afcc65251
 2017-09-26 11:32:01 -04:00
Haik Aftandilian
2cce1be1b0 Bug 1392988 - Firefox 55.02 on macOS High Sierra cannot play AES encrypted video. r=Alex_Gaynor 
Adds access to video encoding/decoding services when running on macOS 10.13 High Sierra.

MozReview-Commit-ID: 6h4dZ6gkFtp

--HG--
extra : rebase_source : 8c5078b336631e3254fcaaf6727dff281c840159
 2017-08-28 19:06:07 -07:00
Haik Aftandilian
3fbdb1b349 Bug 1382260 - Patch 2 - [Mac] Allow reading of font files from the content sandbox. r=Alex_Gaynor 
MozReview-Commit-ID: 9W5aqQweFmd

--HG--
extra : rebase_source : 9aa778bc08bee206e7f3340eac32ca2f46a4f81b
 2017-08-18 16:12:07 -07:00
Haik Aftandilian
74e07cd141 Bug 1388580 - [Mac] Remove miscellaneous iokit open permissions r=Alex_Gaynor 
MozReview-Commit-ID: 3StDmeSwZUG

--HG--
extra : rebase_source : 66d73d82f54a9bdd0ebbc35abf0badc2657e5750
 2017-08-08 15:57:21 -07:00
Alex Gaynor
c6b10e5ba8 Bug 1389535 - remove access to com.apple.coreservices.launchservicesd from content processes; r=haik 
MozReview-Commit-ID: 8uOZmYGxJDK

--HG--
extra : rebase_source : c51b8d314de39d3262706c2cf3c383e234a1342f
 2017-08-09 11:29:53 -04:00
Alex Gaynor
2cc89c3380 Bug 1388454 - remove access to the com.apple.pasteboard.1 mach service from content processes; r=haik 
MozReview-Commit-ID: EXb6UDYohZT

--HG--
extra : rebase_source : 321ebf0ce810b4fde9ce99acb56b15ca7acfbd8e
 2017-08-08 13:51:48 -04:00
Alex Gaynor
b4ba668be6 Bug 1388360 - remove access to the com.apple.iconservices mach service from content processes; r=haik 
MozReview-Commit-ID: D20alO2PKR0

--HG--
extra : rebase_source : 2bc809d161eb373220f1de174abc8032207b5dac
 2017-08-08 10:15:16 -04:00
Alex Gaynor
0132ad567f Bug 1386363 - remove access to the com.apple.SystemConfiguration.configd mach service from content processes; r=haik 
MozReview-Commit-ID: 3hFEx67JkdO

--HG--
extra : rebase_source : f3671c7d7682aeb5ff4b89d2409670fcadc2341a
 2017-08-07 10:09:32 -04:00
Haik Aftandilian
ef291aef27 Bug 1388172 - [Mac] Remove access to "com.apple.window_proxies" from the content sandbox. r=Alex_Gaynor 
MozReview-Commit-ID: 2EtLWOvPtyK

--HG--
extra : rebase_source : 3be19fbee8c0989cdfd82283ec2fb8acc5795989
 2017-08-07 14:44:33 -07:00
Alex Gaynor
d407d2ad13 Bug 1387570 - remove access to the com.apple.cache_delete mach service from content processes; r=haik 
MozReview-Commit-ID: LoB1rx5DoV5

--HG--
extra : rebase_source : 7721399376e8ae7e6f41581681b61e92e20f2b21
 2017-08-07 10:11:37 -04:00
Haik Aftandilian
9d03f37706 Bug 1322024 - [Mac] Remove com.apple.windowserver.active access from the content sandbox. r=Alex_Gaynor 
MozReview-Commit-ID: CY99fseWrQX

--HG--
extra : rebase_source : a7219e91ca415c6f058337251ebecc8e9e5006be
 2017-07-24 15:22:58 -07:00
Alex Gaynor
90d2a77496 Bug 1387233 - restrict access to ipc-posix-shm APIs in the content process; r=haik 
This removes /tmp/com.apple.csseed access entirely, ipc-posix-shm-read-metadata
from CFPBS:, and ipc-posix-shm-write-{create,unlink} from AudioIO and CFPBS:.

MozReview-Commit-ID: Eahx6guqGos

--HG--
extra : rebase_source : 621e81eb00411ae39882504db7d10a50eef30b27
 2017-08-03 17:03:47 -04:00
Alex Gaynor
d1db7f92fc Bug 1385332 - remove access to the com.apple.pluginkit.pkd mach service from the content process; r=haik 
MozReview-Commit-ID: 2KYaScrgnll

--HG--
extra : rebase_source : 4c39abdba18490f2fb12f1691f6fd5a4722cd542
 2017-08-03 10:20:07 -04:00
Haik Aftandilian
d3e4a052d9 Bug 1386075 - [Mac] Remove (iokit-user-client-class "RootDomainUserClient"). r=Alex_Gaynor 
MozReview-Commit-ID: 2bM5KVIbdru

--HG--
extra : rebase_source : f406551fb0986aaa77dd814cba17d399602093fb
 2017-08-03 13:29:55 -07:00
Alex Gaynor
250a8036f3 Bug 1385096 - remove access to the com.apple.bird mach service from the content process; r=haik 
MozReview-Commit-ID: FqKZVL16zz9

--HG--
extra : rebase_source : 8abca2f5c3aa95268887789fc2ca1a24da97de54
 2017-08-03 10:14:33 -04:00
Haik Aftandilian
e6f1d0e175 Bug 1386161 - [Mac] Remove IOAudioControl Rules. r=Alex_Gaynor 
MozReview-Commit-ID: 3cLUCJDoWlh

--HG--
extra : rebase_source : a6e5e7fa3975407f05c92f9e33b98826b2784e68
 2017-07-30 22:26:06 -07:00
Alex Gaynor
11a211f901 Bug 1386308 - stop trying to change the display sleep settings from the content process; r=haik 
Before this change we were trying to change the settings from both the content
and parent processes, so this doesn't change any functionality. This allows to
remove access to the com.apple.PowerManagement.control mach service from the
content process.

MozReview-Commit-ID: 3DOhqG5U6oz

--HG--
extra : rebase_source : dee0b97c444ae95cfc8f80cb0fb99aa9e2658d51
 2017-08-01 12:22:42 -04:00
Alex Gaynor
f09847af4d Bug 1386291 - remove access to the com.apple.DesktopServicesHelper mach service in content processes; r=haik 
MozReview-Commit-ID: Bk58lE5p6fi

--HG--
extra : rebase_source : a730b7bdf508a26cb039345f23d71c2558c1d7d1
 2017-08-01 11:12:44 -04:00
Alex Gaynor
567f1c90d0 Bug 1384941 - removed access to mach services which are used for cameras in the content process; r=haik 
MozReview-Commit-ID: Ir6KgLM34bu

--HG--
extra : rebase_source : badd0b62f20b870f7da82fcbefb09f7545e02801
 2017-07-25 11:51:03 -04:00
Haik Aftandilian
34c815ff04 Bug 1384209 - [Mac] Remove com.apple.coreservices.appleevents from the content process sandbox. r=Alex_Gaynor 
MozReview-Commit-ID: 37zX5WZiF4P

--HG--
extra : rebase_source : 53bd0bb8cb8353a7ec513066581a6abfe2d99172
 2017-07-24 15:53:18 -07:00
Alex Gaynor
724ff5d5bc Bug 1264811 - Use a const reference and a default constructor to simplify the macOS sandbox code; r=haik 
MozReview-Commit-ID: Dtspj7fL9t7

--HG--
extra : rebase_source : 4b85a1d7bd8ad393f032e67ebff0888bcfdd5447
 2017-07-28 15:00:22 -04:00
Alex Gaynor
cbb91e347d Bug 1385028 - simplify handling of macOS minor version in the sandbox policy; r=haik 
MozReview-Commit-ID: BDD7WzTqHC6

--HG--
extra : rebase_source : d3eb23c8217a4dad7877a663fb455a0db2660330
 2017-07-27 13:58:28 -04:00
Ryan VanderMeulen
4237da641e Backed out changeset 4d7f80401751 (bug 1385028) for bustage. 
--HG--
extra : rebase_source : 74b74e1a87c5e524f15eb04917d5b2205f3f87f3
 2017-07-27 20:10:23 -04:00
Alex Gaynor
7372dae53f Bug 1385028 - simplify handling of macOS minor version in the sandbox policy; r=haik 
MozReview-Commit-ID: BDD7WzTqHC6

--HG--
extra : rebase_source : 1d4a4deedbf6351da61e9433738000dcf6bcd0df
 2017-07-27 13:58:28 -04:00
Alex Gaynor
3229d39dba Bug 1384677 - remove com.apple.cookied access from content processes; r=haik 
MozReview-Commit-ID: 5mI4VXf7J8Q

--HG--
extra : rebase_source : 8514a3e7e73059964b29e240d7979b3a2758bb69
 2017-07-25 11:03:43 -04:00
Alex Gaynor
2e4ea0b3cd Bug 1383818 - Disallow content processes for using the com.apple.ocspd mach service; r=haik 
It is not used, so this is an attack surface reduction.

MozReview-Commit-ID: mrW9hi0SAh

--HG--
extra : rebase_source : 889b937cfd20680bbb62391fa7932b5cd2e1fd6a
 2017-07-24 09:50:32 -04:00
Haik Aftandilian
88b1e4c7ca Bug 1380132 - Part 3 - Use env variable MOZ_DEVELOPER_OBJ_DIR to whitelist object dir in content sandbox. r=Alex_Gaynor 
On developer builds, use $MOZ_DEVELOPER_OBJ_DIR to whitelist the object dir in the content sandbox so that symlinks to the object dir from .app/ files can be loaded.

MozReview-Commit-ID: J4YdpxgbD8i

--HG--
extra : rebase_source : 19e369fe9ae29418d9d79e1fb83246474d858f34
 2017-07-14 16:32:53 -07:00
Alex Gaynor
f76801e348 Bug 1379803 - on macOS, only allow the creation of regular files and directories in writable directories; r=haik 
This specifically disallows the creation of ttys and symlinks. Writable
directories are needed for plugins, which lazily create the plugintmp directory.
If/when the plugin API surface is reduced we can restrict down to just regular
files.

MozReview-Commit-ID: Ec6qeaiHSsB

--HG--
extra : rebase_source : 252a3cbf7954b9c09092b896ef8af45310438a86
 2017-07-11 09:51:04 -04:00
Alex Gaynor
f514ff97b3 Bug 1379182 - Remove some unnecessary file-write permissions types from the content process on macOS; r=haik 
On macOS, the file-write* permission type contains numerous sub-permissions (see
bug for full listing). Restrict the ones we allow to only the two we need:
file-write-create and file-write-data. This primarily reduces kernel attack
surface, I'm not aware of any bad things that could be done directly with the
removed permissions.

MozReview-Commit-ID: 3VvjFesy2qx

--HG--
extra : rebase_source : 934ec17c44c9ef3d7fab29919d66cf1a55d57697
 2017-07-07 11:05:01 -04:00
Wes Kocher
5dd57ee395 Merge m-c to inbound, a=merge 
MozReview-Commit-ID: IVwrN2VivZT
 2017-07-07 17:30:32 -07:00
Alex Gaynor
d40ad40466 Bug 1376976 - Restrict sysctl access in the content process to a whitelist of sysctl names. r=jld, r=haik 
MozReview-Commit-ID: 14yoiP1gskM
 2017-06-29 13:55:15 -07:00
Haik Aftandilian
c610a4c66b Bug 1376163 - [10.13] No audio playback on YouTube, no audio/video on Netflix (macOS High Sierra 10.13 Beta). r=Alex_Gaynor 
Allow access to the "com.apple.audio.AudioComponentRegistrar" API on 10.13+ systems.

MozReview-Commit-ID: 8gWXvuXTNKi

--HG--
extra : rebase_source : 8abf9a2548d915a89adfa82580d46c1bc00726d8
 2017-07-06 14:09:11 -07:00
Alex Gaynor
53f0246cfd Bug 1377164 - Improve the readability of the macOS plugin sandbox policy; r=haik 
MozReview-Commit-ID: 9R8qT98ESQJ

--HG--
extra : rebase_source : 537f0dc3c46bee9b8e295689fbcbc8c63415c5d1
 2017-06-29 10:53:04 -07:00
Alex Gaynor
bb1ea70f5f Bug 1357758 - Replace the file-read blacklist in the macOS sandbox policy with a whitelist of the allowed paths; r=haik 
This makes the policy easier to audit, harder to regress, and easier to further prune the content processes's permissions.

MozReview-Commit-ID: 6VqEoGsWSGH

--HG--
extra : rebase_source : 58a9d35dd6e58624779294b49df5cc7e34cb4320
 2017-04-18 15:57:54 -04:00
Alex Gaynor
b636380391 Bug 1374557 - Part 1 - Add the ability to specify a list of paths to whitelist read access to in the macOS content sandbox; r=haik 
MozReview-Commit-ID: HXBkyR7Tts2

--HG--
extra : rebase_source : 6daf50a4d7a4ff2ff85dfac43891149353e813aa
 2017-06-21 10:19:28 -04:00
Alex Gaynor
1141573ee9 Bug 1374660 - Removed redundant declarations from macOS content sandbox policy; r=haik 
MozReview-Commit-ID: Gw6AnH8r9sL

--HG--
extra : rebase_source : 62bb4dc335ab3f38a42543a488d07129a8d92a33
 2017-06-20 10:27:18 -04:00
Alex Gaynor
e43d5d424f Bug 1370540 - Extend the level 3 content sandbox filesystem read blacklist to include /Network and /Users; r=haik 
MozReview-Commit-ID: 6RfS5aYRghK

--HG--
extra : rebase_source : c8d084d42dc2b37e4a0642e1a72bdd514a68d465
 2017-06-06 10:48:06 -04:00
Alex Gaynor
33b7e1fa87 Bug 1363179 - do not allow content processes to read from /Volumes on macOS r=haik 
MozReview-Commit-ID: 8osJVQD3myh

--HG--
extra : rebase_source : 8cda32ca1bca80b796458d36099244a45af2f185
 2017-05-12 16:18:57 -04:00
Alex Gaynor
445480436b Bug 1361733 - In debug builds, do not allow content sandbox to write to all of /private/var r=haik 
This permission was needed for the memory bloat logging, which is used for
leaktest, including logging intentionally crashing processes. Now we restrict
ourselves to only allowing writes to the location needed for this logging,
rather than all of /private/var.

MozReview-Commit-ID: 5AbJEZlDHNV

--HG--
extra : rebase_source : 26936b8d8bca53f2c37a195b5e7c69c151ec18d2
 2017-05-02 11:07:10 -04:00
Haik Aftandilian
8c95154f41 Bug 1361304 - Remove /private/var read access from Mac level 3 content sandbox; r=Alex_Gaynor 
Removes read access to /private/var and its subdirectories from
the content process under the level 3 Mac sandbox. Still permits
reading of file metadata within the majority of /private/var.

Adds tests to validate the level 3 Mac content sandbox prevents
reading from /private.

MozReview-Commit-ID: FO5dz0F7dl4

--HG--
extra : rebase_source : 226f8de6d4d88f188c272a3e119ed7b8bac292df
 2017-05-05 10:48:52 -07:00
Haik Aftandilian
cbffb758e8 Bug 1360356 - [Mac] Remove "/Library/Caches/TemporaryItems" rule from level 3 Content Sandbox; r=Alex_Gaynor 
Remove reading of "~/Library/Caches/TemporaryItems" from level 3 and update
sandboxing filesystem test to check ~/Library/Caches/TemporaryItems readability.

MozReview-Commit-ID: 6EMzH7brSnp

--HG--
extra : rebase_source : f97b5625da2abda73decc969fc581c2bf858183f
 2017-04-28 11:48:43 -07:00
Alex Gaynor
82705afe91 Bug 1354678 - Switch our sandbox policies to use C++ raw strings and put them in a new header file r=haik 
r=haik

MozReview-Commit-ID: Fr5liCjcJtg

--HG--
extra : rebase_source : 3e90f7075e4e5b410ba0b8a08b0c6e403eb925f6
 2017-04-14 13:12:09 -04:00