mozilla/gecko-dev - gecko-dev - Git

Граф коммитов

Автор	SHA1	Сообщение	Дата
Alex Gaynor	106fa9d993	Bug 1405088 - Part 1 - remove file-write permissions from macOS content temporary directory; r=haik With this change, the macOS content sandbox has no ability to create files anywhere on disk (in release builds). If the content process needs a file to write to, it needs to obtain a file descriptor from the parent process. MozReview-Commit-ID: 7LoG1PW0UDR --HG-- extra : rebase_source : 4ac0a7f187d45c9b6c0f8a658edfdae0509054ac	2017-10-02 10:48:01 -04:00
Kris Maglione	918ed6c474	Bug 1431533: Part 5a - Auto-rewrite code to use ChromeUtils import methods. r=florian This was done using the following script: `37e3803c7a/processors/chromeutils-import.jsm` MozReview-Commit-ID: 1Nc3XDu0wGl --HG-- extra : source : 12fc4dee861c812fd2bd032c63ef17af61800c70 extra : intermediate-source : 34c999fa006bffe8705cf50c54708aa21a962e62 extra : histedit_source : b2be2c5e5d226e6c347312456a6ae339c1e634b0	2018-01-29 15:20:18 -08:00
Cosmin Sabou	9a65a40178	Backed out 3 changesets (bug `1431533`) for Android mochitest failures on testEventDispatcher on a CLOSED TREE Backed out changeset a1eca62826a1 (bug `1431533`) Backed out changeset 34c999fa006b (bug `1431533`) Backed out changeset e2674287e57f (bug `1431533`)	2018-01-30 07:17:48 +02:00
Kris Maglione	6476f95b13	Bug 1431533: Part 5a - Auto-rewrite code to use ChromeUtils import methods. r=florian This was done using the following script: `37e3803c7a/processors/chromeutils-import.jsm` MozReview-Commit-ID: 1Nc3XDu0wGl --HG-- extra : source : 12fc4dee861c812fd2bd032c63ef17af61800c70	2018-01-29 15:20:18 -08:00
Brindusan Cristian	af8879d1eb	Backed out 2 changesets (bug `1431533`) for ESlint failures on a CLOSED TREE Backed out changeset 6e56f4c8843e (bug `1431533`) Backed out changeset 12fc4dee861c (bug `1431533`)	2018-01-30 02:32:43 +02:00
Kris Maglione	c276bb9375	Bug 1431533: Part 5a - Auto-rewrite code to use ChromeUtils import methods. r=florian This was done using the following script: `37e3803c7a/processors/chromeutils-import.jsm` MozReview-Commit-ID: 1Nc3XDu0wGl --HG-- extra : rebase_source : c004a023389f1f6bf3d2f3efe93c13d423b23ccd	2018-01-29 15:20:18 -08:00
Mark Banner	770685e15e	Bug 1425688 - Enable ESLint rule mozilla/use-services for security/. r=gcp,keeler MozReview-Commit-ID: 4Kd9L8ExNGl --HG-- extra : rebase_source : 02a5242629c7b597d7fd4e5e1373781fcbb82905	2017-12-16 13:10:40 -06:00
Cosmin Sabou	6c33dde6ca	Backed out 2 changesets (bug 1425688) on request from jorgk for breaking the Certificate Manager r=backout a=backout Backed out changeset f73324a4d033 (bug 1425688) Backed out changeset bd2bf7b7fead (bug 1425688)	2017-12-28 15:26:09 +02:00
Mark Banner	bed9b1d6c8	Bug 1425688 - Enable ESLint rule mozilla/use-services for security/. r=gcp,keeler MozReview-Commit-ID: 4Kd9L8ExNGl --HG-- extra : rebase_source : d8383ef464e9f0d19c7642a07967f3e2fa56d0dc	2017-12-16 13:10:40 -06:00
Alex Gaynor	d40ad40466	Bug 1376976 - Restrict sysctl access in the content process to a whitelist of sysctl names. r=jld, r=haik MozReview-Commit-ID: 14yoiP1gskM	2017-06-29 13:55:15 -07:00
Florian Quèze	66f6d259bc	Bug 1374282 - script generated patch to remove Task.jsm calls, r=Mossop.	2017-06-22 12:51:42 +02:00
Alex Gaynor	d27dc0ba0b	Bug 1358223 - Part 1 - On Windows and macOS hardcode the minimum content sandbox level at 1. r=bobowen,haik,jimm If the "security.sandbox.content.level" preference is set to a value less than 1, all consumers will automatically treat it as if it were level 1. On Linux and Nightly builds, setting the sandbox level to 0 is still allowed, for now. MozReview-Commit-ID: 9QNTCkdbTfm --HG-- extra : rebase_source : cd5a853c46a5cd334504b339bef8df30a3cabe51	2017-05-12 17:04:42 -04:00
Sebastian Hengst	fd03aa5bc8	Backed out changeset 4e283b54baa6 (bug 1358223) for build bustage on Android at dom/ipc/ContentChild.cpp:21. r=backout	2017-05-31 21:34:13 +02:00
Alex Gaynor	39f34ea898	Bug 1358223 - Part 1 - On Windows and macOS hardcode the minimum content sandbox level at 1. r=bobowen,haik,jimm If the "security.sandbox.content.level" preference is set to a value less than 1, all consumers will automatically treat it as if it were level 1. On Linux and Nightly builds, setting the sandbox level to 0 is still allowed, for now. MozReview-Commit-ID: 9QNTCkdbTfm --HG-- extra : rebase_source : 1a26ffc5b9f80e6df4c37c23f506e907ba44053a	2017-05-12 17:04:42 -04:00
Alex Gaynor	9a4c947617	Bug 1363729 - Fixed a small formatting regression in tests. r=haik MozReview-Commit-ID: 7I6tKS6yoM7 --HG-- extra : rebase_source : 03a652024d30a57ad270338bc6e222281d0e7c78	2017-05-10 10:05:25 -04:00
Hemant Singh Patwal	fd32e8da4a	Bug `1359614` - Move the security/manager/.eslintrc.js to security/.eslintrc.js and fix the ESLint issues raised. r=standard8 MozReview-Commit-ID: AlfInBsIPnF --HG-- rename : security/manager/.eslintrc.js => security/.eslintrc.js extra : rebase_source : 4dfdd45a4f1e4d3e45e2ef353dd0bb343a3d1adb	2017-05-09 19:48:02 +05:30
Florian Quèze	37bbced84d	Bug 1344711 - hand cleanup of remaining useless try blocks around get*Pref calls identified by eslint, r=jaws. --HG-- extra : rebase_source : 18c027010838faba91f0ac699f9bde07f85500e7	2017-03-07 15:29:48 +01:00
Haik Aftandilian	8f8a9f5255	Bug 1344106 - Remove Linux todos() now that Linux sandboxing is riding the trains. r=haik MozReview-Commit-ID: 9tI2S6fEYkD --HG-- extra : rebase_source : 0a5d00f8498861e7ea281e527b2be6b2c4e472d6	2017-03-03 09:50:29 +01:00
Haik Aftandilian	d144ed6ded	Bug 1309394 - automated tests to validate content process sandboxing works as intended; r=bobowen,gcp Adds security/sandbox/test/browser_content_sandbox_fs.js for validating content sandbox file I/O restrictions. Adds security/sandbox/test/browser_content_sandbox_syscalls.js for validating OS-level calls are sandboxed as intended. Uses js-ctypes to invoke native library routines. Windows tests yet to be added here. Adds security/sandbox/test/browser_content_sandbox_utils.js with some shared utility functions. MozReview-Commit-ID: 5zfCLctfuN5 --HG-- extra : rebase_source : 4edd14220bcd18b15a3c522e44d7223547a79f43	2017-01-10 22:01:03 -08:00