Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-28 12:45:27 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
545,202 Commits 615 Branches 98 Tags 6 GiB
4e9cf83ee8
Commit Graph

648 Commits

Author SHA1 Message Date
Sylvestre Ledru
4e9cf83ee8 Bug 1378712 - Remove all trailing whitespaces r=Ehsan 
MozReview-Commit-ID: Kdz2xtTF9EG

--HG--
extra : rebase_source : 7235b3802f25bab29a8c6ba40a181a722f3df0ce
 2017-07-06 14:00:35 +02:00
Carsten "Tomcat" Book
7857fa0a5e merge mozilla-inbound to mozilla-central a=merge 2017-07-06 11:18:05 +02:00
Gian-Carlo Pascutto
84f7ba492b Bug 1377614 - Part 1 - Move IsDevelopmentBuild() to common code. r=Alex_Gaynor 
MozReview-Commit-ID: AcO0XaMS4Gp

--HG--
extra : rebase_source : ec40a94545fa78ce0210a0614db82b7bcb7e8a97
 2017-07-03 11:17:04 -07:00
Sebastian Hengst
8b1992d948 Backed out changeset 9137ed21a66f (bug 1377614) for bustage: not finding mozilla/SandboxSettings.h at netwerk/protocol/res/ExtensionProtocolHandler.cpp:46. r=backout 2017-07-05 22:51:58 +02:00
Gian-Carlo Pascutto
2032eb5262 Bug 1377614 - Part 1 - Move IsDevelopmentBuild() to common code. r=Alex_Gaynor 
MozReview-Commit-ID: AcO0XaMS4Gp

--HG--
extra : rebase_source : 2fa012f693ad7855c2c6e7b8399edf3c0e734299
 2017-07-03 11:17:04 -07:00
Alex Gaynor
53f0246cfd Bug 1377164 - Improve the readability of the macOS plugin sandbox policy; r=haik 
MozReview-Commit-ID: 9R8qT98ESQJ

--HG--
extra : rebase_source : 537f0dc3c46bee9b8e295689fbcbc8c63415c5d1
 2017-06-29 10:53:04 -07:00
Phil Ringnalda
22cb9f77bb Merge m-c to m-i 
MozReview-Commit-ID: H6zGgEm7oOM
 2017-07-04 20:32:07 -07:00
Jan Keromnes
09971ac7d3 Bug 1376643 - Use 'override' and '= default' on applicable methods in security/sandbox/. r=gcp 2017-06-27 17:57:00 +02:00
Jan Keromnes
df076300b1 Bug 1376643 - Use 'nullptr' where applicable in security/sandbox/. r=gcp 2017-06-27 17:56:00 +02:00
Alex Gaynor
b636380391 Bug 1374557 - Part 1 - Add the ability to specify a list of paths to whitelist read access to in the macOS content sandbox; r=haik 
MozReview-Commit-ID: HXBkyR7Tts2

--HG--
extra : rebase_source : 6daf50a4d7a4ff2ff85dfac43891149353e813aa
 2017-06-21 10:19:28 -04:00
Alex Gaynor
bb1ea70f5f Bug 1357758 - Replace the file-read blacklist in the macOS sandbox policy with a whitelist of the allowed paths; r=haik 
This makes the policy easier to audit, harder to regress, and easier to further prune the content processes's permissions.

MozReview-Commit-ID: 6VqEoGsWSGH

--HG--
extra : rebase_source : 58a9d35dd6e58624779294b49df5cc7e34cb4320
 2017-04-18 15:57:54 -04:00
Wes Kocher
bfc45b98b9 Merge m-c to inbound, a=merge 
MozReview-Commit-ID: 9XdoB5MuVz6
 2017-07-05 17:17:41 -07:00
Bob Owen
1eb1c9091d Bug 1378061: Only set user's SID in USER_LIMITED as deny only when not using restricting SIDs. r=jimm 2017-07-05 21:00:55 +01:00
Carsten "Tomcat" Book
7918eeee02 merge mozilla-inbound to mozilla-central a=merge 2017-06-28 13:23:29 +02:00
Jed Davis
8e5d5bda0f Bug 1362537 - Re-disallow accept4 in Linux content processes. r=gcp 
MozReview-Commit-ID: Gml8lR1Heu1

--HG--
extra : rebase_source : 6b466f887bd1802277a506295a9c6cc575196385
 2017-06-27 14:52:25 -07:00
Gian-Carlo Pascutto
f2e7c8b77a Bug 1374281. r=jld 
MozReview-Commit-ID: Ko5m5i4Wkd6

--HG--
extra : rebase_source : 3076315ef3639a89f752addbb01d5d08a9c2db75
 2017-06-19 20:07:38 +02:00
Bill McCloskey
f115503a0b Bug 1372405 - Provide names for all runnables in the tree (r=froydnj) 
MozReview-Commit-ID: DKR6ROiHRS7
 2017-06-26 14:19:58 -07:00
Nicholas Nethercote
f1364a75ea Bug 1374580 (part 3) - Remove ns{,C}Substring typedefs. r=froydnj. 
All the instances are converted as follows.

- nsSubstring  --> nsAString
- nsCSubstring --> nsACString

--HG--
extra : rebase_source : cfd2238c52e3cb4d13e3bd5ddb80ba6584ab6d91
 2017-06-20 19:19:52 +10:00
Florian Quèze
66f6d259bc Bug 1374282 - script generated patch to remove Task.jsm calls, r=Mossop. 2017-06-22 12:51:42 +02:00
Alex Gaynor
1141573ee9 Bug 1374660 - Removed redundant declarations from macOS content sandbox policy; r=haik 
MozReview-Commit-ID: Gw6AnH8r9sL

--HG--
extra : rebase_source : 62bb4dc335ab3f38a42543a488d07129a8d92a33
 2017-06-20 10:27:18 -04:00
Bob Owen
caa7e3c377 Bug 1368600: Add telemetry with the error code for when a Windows sandboxed child process fails to start. r=jimm, data-review=francois 2017-06-13 08:54:41 +01:00
Randell Jesup
b0a3a49ce8 Bug 1361703: enable NR_epoll_create/create1 in linux sandbox r=jld 
Enables creating new libevent epoll queues on Linux
 2017-06-13 01:54:20 -04:00
Jed Davis
da2db41a9c Bug 1362601 - Don't crash on sandbox violation if known-problem injected libs are present. r=gcp 
MozReview-Commit-ID: HCbavpMUxYm

--HG--
extra : rebase_source : ec0cc9dcbf07831209b438504311b45f5b8990a8
 2017-06-07 16:33:11 -06:00
Alex Gaynor
0403c42ccf Bug 1371701 - Fixed sandboxing tests to reflect that we're enabling file content process for all channels r=bobowen 
MozReview-Commit-ID: ICXZjEU2n6L

--HG--
extra : rebase_source : f28d5d61f6a0cdfecb2804239c407c730c4fd2ba
 2017-06-09 11:24:07 -04:00
Bob Owen
a3df44ccee Bug 1323188: Don't use restricting SIDs in the sandbox access tokens when running from a network drive. r=jimm 2017-06-07 20:20:02 +01:00
Jed Davis
039a1c2b5c Bug 1321134 - Allow access to dconf shared-memory flags. r=gcp,glandium 
DConf uses small memory-mapped files for the writer to signal readers
to invalidate cached data; the file is created by the first reader and
readers will write to it to force storage allocation.

If we don't allow opening the file, DConf will still work, but it will
reread the database on every pref access, and it prints messages on
stderr claiming it won't work.  So we should avoid that.

MozReview-Commit-ID: 9xoBIhtu5cu

--HG--
extra : rebase_source : 582b3bc30f2181b6564eefa34082a561f9cc0c28
 2017-05-30 07:10:15 -06:00
Alex Gaynor
e43d5d424f Bug 1370540 - Extend the level 3 content sandbox filesystem read blacklist to include /Network and /Users; r=haik 
MozReview-Commit-ID: 6RfS5aYRghK

--HG--
extra : rebase_source : c8d084d42dc2b37e4a0642e1a72bdd514a68d465
 2017-06-06 10:48:06 -04:00
Daniel Holbert
2a87f6e3c3 Bug 1369837: Add a void cast to silence clang Wcomma build warning, in sandbox's snapshot of chromium header. r=bobowen 
The build warning is for "possible misuse of comma operator".

The comma operator is a bit of a footgun becasue its first operand's result
just gets dropped on the floor (in this case, the result of the DCHECK
expression).  It appears that Chromium's use of the comma operator here is
intentional, though -- so we might as well accept clang's suggestion and "cast
expression to void to silence warning".

This is also filed upstream as:
 https://bugs.chromium.org/p/chromium/issues/detail?id=729123

MozReview-Commit-ID: Al2xsYEo3p0

--HG--
extra : rebase_source : 68d01b50ff1f07b68ddc0eeb7280ac412ac92932
 2017-06-02 12:45:01 -07:00
Jed Davis
b129f08d7f Bug 1322784 - Gently fail utime(), to deal with GConf/ORBit. r=gcp 
MozReview-Commit-ID: B4LmSGR6OEz

--HG--
extra : rebase_source : 613409994c0ba50c34c57537343484f1dc85b7aa
 2017-05-30 23:13:37 -06:00
Alex Gaynor
d27dc0ba0b Bug 1358223 - Part 1 - On Windows and macOS hardcode the minimum content sandbox level at 1. r=bobowen,haik,jimm 
If the "security.sandbox.content.level" preference is set to a value less than
1, all consumers will automatically treat it as if it were level 1. On Linux and
Nightly builds, setting the sandbox level to 0 is still allowed, for now.

MozReview-Commit-ID: 9QNTCkdbTfm

--HG--
extra : rebase_source : cd5a853c46a5cd334504b339bef8df30a3cabe51
 2017-05-12 17:04:42 -04:00
Sebastian Hengst
fd03aa5bc8 Backed out changeset 4e283b54baa6 (bug 1358223) for build bustage on Android at dom/ipc/ContentChild.cpp:21. r=backout 2017-05-31 21:34:13 +02:00
Alex Gaynor
39f34ea898 Bug 1358223 - Part 1 - On Windows and macOS hardcode the minimum content sandbox level at 1. r=bobowen,haik,jimm 
If the "security.sandbox.content.level" preference is set to a value less than
1, all consumers will automatically treat it as if it were level 1. On Linux and
Nightly builds, setting the sandbox level to 0 is still allowed, for now.

MozReview-Commit-ID: 9QNTCkdbTfm

--HG--
extra : rebase_source : 1a26ffc5b9f80e6df4c37c23f506e907ba44053a
 2017-05-12 17:04:42 -04:00
Alex Gaynor
1532472698 Bug 1368771 - Added a test which verifies that on macOS /Volumes isn't readable at sandbox level 3 r=haik 
r?haik

MozReview-Commit-ID: HPW4luz5n0M

--HG--
extra : rebase_source : c224b56de4b705758e2ab7820af02a4ef41d4040
 2017-05-30 13:52:57 -04:00
Jed Davis
f6b03fa260 Bug 1355274 - Polyfill SOCK_DGRAM socketpairs with SOCK_SEQPACKET, for libasyncns. r=gcp 
MozReview-Commit-ID: 2DeklSGsjUV

--HG--
extra : rebase_source : 8a202c23dc9a3ddede49b08ce1e0792dfb40bdbf
 2017-04-11 20:55:34 -06:00
Jed Davis
675bae8c8d Bug 1364533 - Allow madvise huge page hints. r=gcp 
MozReview-Commit-ID: 7sNWS2sFJCx

--HG--
extra : rebase_source : c1730d2ac5d352dcaec1889d4f20dd9bc0a838a8
 2017-05-12 20:04:07 -06:00
Bob Owen
e6bdfd5594 Bug 1339105 Part 3: Move NPAPI windows process sandbox file rules into SandboxBroker. r=jimm 
This also removes a rule that was added for sandboxing the Java plugin,
which we never did and we now only allow Flash anyway.

MozReview-Commit-ID: Jn6pCkLoGNM

--HG--
extra : source : 431267ab28deabef6ed7c791d8dff79e3fe590c1
 2017-05-22 20:41:28 +01:00
Bob Owen
035cf9bdc2 Bug 1339105 Part 1: Implement Windows Level 3 content process sandbox policy. r=jimm 
MozReview-Commit-ID: L8wcVhdLvFe

--HG--
extra : source : c3fb60fbc32660719c1b8b06dc785abd4559d6c0
 2017-05-22 20:41:27 +01:00
Wes Kocher
848c9aa744 Backed out 3 changesets (bug 1339105) for plugin process leaks a=backout 
Backed out changeset 431267ab28de (bug 1339105)
Backed out changeset 445875fbf13b (bug 1339105)
Backed out changeset c3fb60fbc326 (bug 1339105)

MozReview-Commit-ID: 4HYUQbHHnox
 2017-05-22 15:14:23 -07:00
Bob Owen
16a4871cdf Bug 1339105 Part 3: Move NPAPI windows process sandbox file rules into SandboxBroker. r=jimm 
This also removes a rule that was added for sandboxing the Java plugin,
which we never did and we now only allow Flash anyway.
 2017-05-22 20:41:28 +01:00
Bob Owen
edf3a239b1 Bug 1339105 Part 1: Implement Windows Level 3 content process sandbox policy. r=jimm 
MozReview-Commit-ID: L8wcVhdLvFe
 2017-05-22 20:41:27 +01:00
Sebastian Hengst
89e33081c6 Backed out changeset 50bf4c923818 (bug 1339105) for Windows bustage: calling protected constructor of class 'nsAString' at sandboxBroker.cpp(208,11). r=backout on a CLOSED TREE 2017-05-22 16:16:16 +02:00
Sebastian Hengst
2a69fd246c Backed out changeset 367734cc9370 (bug 1339105) 2017-05-22 16:14:27 +02:00
Bob Owen
62c455086d Bug 1339105 Part 3: Move NPAPI windows process sandbox file rules into SandboxBroker. r=jimm 
This also removes a rule that was added for sandboxing the Java plugin,
which we never did and we now only allow Flash anyway.
 2017-05-22 14:29:06 +01:00
Bob Owen
f24abd4ac3 Bug 1339105 Part 1: Implement Windows Level 3 content process sandbox policy. r=jimm 
MozReview-Commit-ID: L8wcVhdLvFe
 2017-05-22 14:29:06 +01:00
Christoph Kerschbaumer
e4f38c8d7c Bug 1362993 - Rewrite gBrowser.addTab() to use BrowserTestUtils.addTab(). r=florian 2017-05-15 21:49:50 +02:00
Alex Gaynor
33b7e1fa87 Bug 1363179 - do not allow content processes to read from /Volumes on macOS r=haik 
MozReview-Commit-ID: 8osJVQD3myh

--HG--
extra : rebase_source : 8cda32ca1bca80b796458d36099244a45af2f185
 2017-05-12 16:18:57 -04:00
Alex Gaynor
9a4c947617 Bug 1363729 - Fixed a small formatting regression in tests. r=haik 
MozReview-Commit-ID: 7I6tKS6yoM7

--HG--
extra : rebase_source : 03a652024d30a57ad270338bc6e222281d0e7c78
 2017-05-10 10:05:25 -04:00
Hemant Singh Patwal
fd32e8da4a Bug 1359614 - Move the security/manager/.eslintrc.js to security/.eslintrc.js and fix the ESLint issues raised. r=standard8 
MozReview-Commit-ID: AlfInBsIPnF

--HG--
rename : security/manager/.eslintrc.js => security/.eslintrc.js
extra : rebase_source : 4dfdd45a4f1e4d3e45e2ef353dd0bb343a3d1adb
 2017-05-09 19:48:02 +05:30
Alex Gaynor
445480436b Bug 1361733 - In debug builds, do not allow content sandbox to write to all of /private/var r=haik 
This permission was needed for the memory bloat logging, which is used for
leaktest, including logging intentionally crashing processes. Now we restrict
ourselves to only allowing writes to the location needed for this logging,
rather than all of /private/var.

MozReview-Commit-ID: 5AbJEZlDHNV

--HG--
extra : rebase_source : 26936b8d8bca53f2c37a195b5e7c69c151ec18d2
 2017-05-02 11:07:10 -04:00
Haik Aftandilian
8c95154f41 Bug 1361304 - Remove /private/var read access from Mac level 3 content sandbox; r=Alex_Gaynor 
Removes read access to /private/var and its subdirectories from
the content process under the level 3 Mac sandbox. Still permits
reading of file metadata within the majority of /private/var.

Adds tests to validate the level 3 Mac content sandbox prevents
reading from /private.

MozReview-Commit-ID: FO5dz0F7dl4

--HG--
extra : rebase_source : 226f8de6d4d88f188c272a3e119ed7b8bac292df
 2017-05-05 10:48:52 -07:00