Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-24 21:31:04 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
a76fa3e411
gecko-dev/security
History
Jed Davis a76fa3e411 Bug 1829652 - Remove Linux content sandbox level 1. r=gcp 
Content sandbox level 1 was a configuration with a default-deny
seccomp-bpf policy but which allowed direct filesystem access; that
required additional code for the syscall filter which was untested and
tended to bit-rot.  It was trivially escapable and was no longer being
used even for debugging, so this patch removes it.

The `security.sandbox.content.level` pref can still be set to 0 to
disable the sandbox, but if it's nonzero then we now enforce a minimum
level of 2, which restricts write access to files (but not read access
or the use of sockets).

Differential Revision: https://phabricator.services.mozilla.com/D176968
2023-05-08 18:51:47 +00:00
..
certverifier Backed out changeset 53da6e0fc159 (bug 1828968) for causing xpc failures in services/settings/test/unit/test_attachments_downloader.js CLOSED TREE 2023-04-21 21:39:24 +03:00
ct Bug 1827627 - Update CT Log script, log_list.json and CTKnownLogs.h. r=keeler 2023-04-12 18:38:00 +00:00
mac/hardenedruntime Bug 1799922 - Remove codesign.bash r=mstange 2022-11-15 16:03:31 +00:00
manager No Bug, mozilla-central repo-update HSTS HPKP remote-settings tld-suffixes - r=release-managers,dmeehan 2023-05-08 12:27:01 +00:00
nss Bug 1831621 - land NSS NSS_3_89_1_RTM UPGRADE_NSS_RELEASE, r=nss-reviewers,jschanck 2023-05-05 23:38:42 +00:00
rlbox Backed out changeset e261c34a0fc4 (bug 1829765) for depanding on Bug 1830962 CLOSED TREE 2023-05-03 11:24:23 +03:00
sandbox Bug 1829652 - Remove Linux content sandbox level 1. r=gcp 2023-05-08 18:51:47 +00:00
.eslintrc.js Bug 1824173 - Enable ESLint configuration valid-jsdocs across the tree, disabling for currently failing locations. r=mossop,webcompat-reviewers,extension-reviewers,credential-management-reviewers,denschub,dimi,robwu 2023-03-24 19:35:25 +00:00
generate_certdata.py Bug 1790816 - Reformat security/ with isort. r=linter-reviewers,ahal DONTBUILD 2022-11-24 17:22:21 +00:00
generate_mapfile.py
moz.build Bug 1805371 - avoid building and running FaultyServer tests with system NSS. r=glandium,necko-reviewers,kershaw 2023-01-03 17:48:24 +00:00
nss.symbols Bug 1773966 - land NSS NSS_3_80_RTM UPGRADE_NSS_RELEASE, r=bbeurdouche,nss-reviewers 2022-06-23 18:47:59 +00:00