8efbee5948
Bug 1441801 Part 2: Fix line endings in sandboxBroker.cpp. r=jimm
2018-03-01 14:37:26 +00:00
be5a4dadac
Bug 1441801 Part 1: Stop using the chromium sandbox DLL blocking mechanism on Nightly. r=jimm
2018-03-01 14:37:25 +00:00
9a797c5ce2
Bug 1415160: Part 2 - Add mitigations to plugin process if not running from network drive r=bobowen
...
Adds MITIGATION_IMAGE_LOAD_NO_REMOTE and MITIGATION_IMAGE_LOAD_NO_LOW_LABEL to the plugin process if we aren't running from a networked drive. The same condition applies to these mitigations in the content process.
--HG--
extra : rebase_source : b61f91f3e56f6b4930a03331b7791a9173857518
2017-12-21 12:36:02 -08:00
90d62139c0
Bug 1415160: Part 1 - Enable new NPAPI Windows Process Mitigations; r=bobowen
...
Enables new process mitigations that have been included from Chromium upstream.
--HG--
extra : rebase_source : 8997bef9c6a6c660b39e68ebfabf90f4de162bca
2017-12-20 22:58:26 -08:00
0d04153faf
Bug 1407693 - Part 1 - Expose method for sharing a HANDLE to a child process in the sandboxing API; r=bobowen
...
MozReview-Commit-ID: 3LBCzPS6Mzg
--HG--
extra : rebase_source : 7e1ea157eeea5810ad21d781e93b7046aebf2bd6
2017-11-27 14:34:48 -06:00
93f2f80c9d
Backed out 2 changesets (bug 1407693) for windows mingw32 bustages at /builds/worker/workspace/build/src/ipc/glue/GeckoChildProcessHost.cpp:1032 on a CLOSED TREE
...
Backed out changeset 9c3346021c21 (bug 1407693)
Backed out changeset f18e1e557cf6 (bug 1407693)
2018-02-07 21:42:47 +02:00
fe879d087a
Bug 1407693 - Part 1 - Expose method for sharing a HANDLE to a child process in the sandboxing API; r=bobowen
...
MozReview-Commit-ID: 3LBCzPS6Mzg
--HG--
extra : rebase_source : 70b31bde82bfd3721b75cc9dc7171b2c1efc5f9f
2017-11-27 14:34:48 -06:00
312f33b8c5
Bug 1426733: Use restricting SIDs in Windows NPAPI process r=bobowen
...
Allow NPAPI sandbox to use restricting SIDs.
--HG--
extra : rebase_source : be53cfa3b05bd6d0f5b24b8f4f0b41e623d40e9a
2017-12-20 21:35:26 -08:00
251c705683
Bug 1434292: Only use MITIGATION_IMAGE_LOAD_NO_LOW_LABEL flag for pdfium process when not running from a network drive. r=jimm
2018-01-31 08:56:11 +00:00
70c724a921
Bug 1434276: Use MITIGATION_EXTENSION_POINT_DISABLE flag for GMP process. r=jimm
2018-01-31 08:56:11 +00:00
af97855568
Bug 1433065: Make the Chromium sandbox DLL blocking Nightly only. r=jimm
2018-01-25 15:33:55 +00:00
29a3f48beb
Backed out changeset 541ea4baacba (bug 1433065) - due to missing variable in non-Nightly
2018-01-25 15:33:55 +00:00
9281954b93
Bug 1433065: Make the Chromium sandbox DLL blocking Nightly only. r=jimm
2018-01-25 13:31:40 +00:00
e5687f9731
Bug 1430118 - Look for log file names in the passed environment. r=bobowen
...
MozReview-Commit-ID: HVUDYoEwjCd
--HG--
extra : rebase_source : 4121114558901489cd3954f433fe70bdea32a683
2018-01-17 09:54:48 +01:00
61cf15cc85
Bug 1297740. r=jld
2018-01-08 10:07:16 +01:00
ebae541f60
Backed out 1 changesets (bug 1297740) for mingw32 build failure at src/ipc/chromium/src/base/process_util_win.cc r=backout on a CLOSED TREE
...
Backed out changeset e2501f2e295e (bug 1297740)
2018-01-06 00:59:25 +02:00
3178a4003d
Bug 1297740. r=jld
...
--HG--
extra : rebase_source : 1d7bd987eed365bf442ed7eb856d8413af3205dc
2018-01-04 15:37:33 +01:00
c88d4f8c83
Backed out changeset 3bdd7743f057 (bug 1297740) for Build Bustage. r=backout on a CLOSED TREE
2017-12-21 16:21:48 +02:00
6821480454
Bug 1297740. r=jld
...
--HG--
extra : rebase_source : 5531d3902fc5916d9d205ed13d7d5c062bef8b27
2017-12-07 16:36:10 +01:00
07e7f9f727
Bug 1399787 - Part 9. Sandbox the PDFium process. r=bobowen,jwatt
...
MozReview-Commit-ID: 6ED7EPZvOMR
--HG--
extra : rebase_source : d8ddd2bb3551cf25c0f18151c4340e1f48d659ca
extra : intermediate-source : d90c5064d88a6468c1209f4a78ec7631592eec98
extra : source : 91b761e38efd28a69647c38531f5418fffee8f50
2017-10-18 20:52:45 +08:00
e19c11cd2a
Bug 1423296: Don't use MITIGATION_IMAGE_LOAD_NO_LOW_LABEL when running from a network drive. r=jimm
2017-12-08 19:00:54 +00:00
e882c9b394
Backed out 22 changesets (bug 1399787) for failing on mozmake.EXE r=backout a=backout on a CLOSED TREE
...
Backed out changeset 0afbd07d8219 (bug 1399787)
Backed out changeset 80c062fd58fb (bug 1399787)
Backed out changeset b1457eabd34e (bug 1399787)
Backed out changeset d875e45f591e (bug 1399787)
Backed out changeset 8f600ac930ec (bug 1399787)
Backed out changeset c478fb75f5cb (bug 1399787)
Backed out changeset c995f4e18724 (bug 1399787)
Backed out changeset 0b75ef19e695 (bug 1399787)
Backed out changeset 2382a348a6c1 (bug 1399787)
Backed out changeset 93f9a5e253d8 (bug 1399787)
Backed out changeset 5c50bbde0950 (bug 1399787)
Backed out changeset 67e530c129c7 (bug 1399787)
Backed out changeset 682c60e52749 (bug 1399787)
Backed out changeset ff1436ae1ef7 (bug 1399787)
Backed out changeset cb3ae1dc20b2 (bug 1399787)
Backed out changeset bc52b1781641 (bug 1399787)
Backed out changeset d165846cb5e1 (bug 1399787)
Backed out changeset 185368267354 (bug 1399787)
Backed out changeset c385d0f60f8a (bug 1399787)
Backed out changeset 364b5b44932b (bug 1399787)
Backed out changeset 98758e79710d (bug 1399787)
Backed out changeset d56497aa5390 (bug 1399787)
2017-12-07 19:16:08 +02:00
fe99eaf1f9
Bug 1399787 - Part 9. Sandbox the PDFium process. r=bobowen,jwatt
...
MozReview-Commit-ID: 6ED7EPZvOMR
--HG--
extra : rebase_source : 5dbc1330a355e01a3a40e8145b35556cd27f0394
extra : intermediate-source : d90c5064d88a6468c1209f4a78ec7631592eec98
extra : source : 91b761e38efd28a69647c38531f5418fffee8f50
2017-10-18 20:52:45 +08:00
8ba04e79f9
Bug 1422053: Create Windows sandbox sLaunchErrors hashtable on the main thread. r=aklotz
2017-12-07 09:07:43 +00:00
6bd2ddcccd
Bug 1366701 Part 1: Roll-up of chromium sandbox update and mozilla patches to get a running browser. r=jld,aklotz,jimm,bobowen
...
This updates security/sandbox/chromium/ files to chromium commit 937db09514e061d7983e90e0c448cfa61680f605.
Additional patches re-applied from security/sandbox/chromium-shim/patches/with_update/ to give a compiling and mostly working browser.
See patch files for additional commit comments.
2017-10-26 15:10:41 +01:00
5a64c2aeb7
Bug 1417959: Bump Alternate Desktop to Level 5 and make that the Default on Nightly. r=jimm
2017-11-16 18:10:00 +00:00
cd430d0c58
Bug 1415250 Part 1: Block prntm64.dll and guard32.dll in sandboxed child processes. r=jimm
2017-11-08 08:06:14 +00:00
e67fce9b1f
Bug 1412827: Add Symantec DLLs ffm64 and ffm to the sandboxed child blocklist. r=jimm
...
This patch also adds k7pswsen.dll unconditionally as it is still appearing
in many crash reports despite the block working in a test VM.
2017-10-30 16:28:26 +00:00
f7efb5fc2c
Merge mozilla-central to mozilla-inbound. r=merge a=merge on a CLOSED TREE
2017-10-12 12:03:15 +02:00
17a6cb2cbf
Bug 1407766 - Remove symantec dlls from the content process dll blocklist due to process startup issues associated with symantec av products. r=bobowen
...
MozReview-Commit-ID: JMOIptO2y7F
2017-10-11 18:00:18 -05:00
a9b7865141
Bug 1316153 - Remove base::ChildPrivileges from IPC. r=billm,bobowen
...
ChildPrivileges is a leftover from the B2G process model; it's now
mostly unused, except for the Windows sandbox using it to carry whether
a content process has file:/// access.
In general, when sandboxing needs to interact with process launch, the
inputs are some subset of: the GeckoProcessType, the subtype if content,
various prefs and even GPU configuration; and the resulting launch
adjustments are platform-specific. And on some platforms (e.g., OS X)
it's all done after launch. So a simple enum used cross-platform isn't
a good fit.
MozReview-Commit-ID: K31OHOpJzla
--HG--
extra : rebase_source : 3928b44eb86cd076bcac7897536590555237b76b
2017-09-08 16:16:50 -06:00
ff9470afb1
Bug 1406068: Expand the list of DLLs that are suspected of causing a crash in ImageBridgeChild::InitForContent. r=jimm
...
I think that trying to slice this up by feature is just going to lead to complications down the line,
so to keep it simple I've moved this to the launch code for all sandboxed children, not just when the
Alternate Desktop is enabled.
This also, similar to chromium, only adds them to the blocklist if they are loaded in the parent.
2017-10-10 10:42:22 +01:00
35249752a0
Bug 1393805 - Part 3 - Add Windows whitelisted directory for system extensions development. r=bobowen
...
MozReview-Commit-ID: 8K5c3mUlqna
--HG--
extra : rebase_source : 0f5a47e8504a38939a1c34a4bc4073bcdc1545d3
2017-10-02 15:17:15 -07:00
d60d5571f3
Backed out changeset 45695eda1c1c (bug 1393805)
2017-10-05 00:20:06 +02:00
213bec3e84
Bug 1393805 - Part 3 - Add Windows whitelisted directory for system extensions development. r=bobowen
...
MozReview-Commit-ID: 8K5c3mUlqna
--HG--
extra : rebase_source : 33b71d3ab20c0fdf24bcee39d4395757031213be
2017-10-02 15:17:15 -07:00
d54db04ac2
Bug 1403744 - Part 1 - Whitelist the per-user extensions dir XRE_USER_SYS_EXTENSION_DIR on Windows. r=bobowen
...
MozReview-Commit-ID: 8K5c3mUlqna
--HG--
extra : rebase_source : 00f91b3e1112766731119c1cbe14a08387202f60
2017-09-27 16:14:30 -07:00
29d5db60ba
Bug 1403707 - Change content sandbox job level to JOB_LOCKDOWN. r=bobowen
...
Changing definition of Windows content sandbox level 4 (the current Nightly default) to increase the job level from JOB_RESTRICTED to JOB_LOCKDOWN.
2017-09-27 13:36:06 -07:00
8cf423ff54
Bug 1403230: Block WRusr.dll in child processes when using Alternate Desktop. r=jimm
2017-09-26 19:23:39 +01:00
2e66e542ea
Bug 1314801 Part 2: Enable MITIGATION_IMAGE_LOAD_NO_LOW_LABEL and MITIGATION_IMAGE_LOAD_NO_REMOTE on Windows content sandbox. r=jimm
2017-09-13 11:19:41 +01:00
6b4635da55
Bug 1395952: Enhance telemetry for failed launch of Windows sandboxed process by process type/error code key. r=jimm, data-r=rweiss
...
Only one telemetry accumlation will occur for each key per session.
2017-09-12 07:53:52 +01:00
0617c21c24
Bug 1393230 - Part 2: Fix more improper string usages. r=njn
...
This fixes improper usages of Find where an offset was actually being use for
the boolean ignore case flag. It also fixes a few instances of passing in a
literal wchar_t to our functions where a NS_LITERAL_STRING or char16_t should
be used instead.
--HG--
extra : rebase_source : 5de1e9335895d65e6db06c510e8887d27be3390f
extra : source : f762f605dd83fc6331161a33e1ef5d54cafbd08d
2017-08-31 15:52:30 -07:00
f7ab109d5e
Bug 1229829 - Part 2 - Use an alternate desktop on the local winstation for content processes; r=bobowen
...
MozReview-Commit-ID: ES52FwM5oFZ
--HG--
extra : rebase_source : 3893d3022f203eb0962f3bcc3490b35514285781
2017-08-16 09:55:19 -04:00
60cdfbd0a2
Bug 1392570: On Windows 7 don't attempt to use a job object for the sandbox when it will fail. r=jimm, data-r=rweiss
...
This patch also adds telemetry for when this occurs, breaking it down for local and remote sessions.
2017-09-01 14:05:49 +01:00
dc46549cd6
Bug 1366694 Part 1: Allow user handles in the content process job in DEBUG builds. r=jimm
2017-07-07 15:51:17 +01:00
6fa192cf93
Bug 1381326 - Enable MITIGATION_EXTENSION_POINT_DISABLE feature for Windows content. r=bobowen
...
MozReview-Commit-ID: 34MNqN5ln7J
--HG--
extra : rebase_source : 3b5565d5b387f70c562cf1b8e306dd2df8d57233
2017-07-16 12:08:18 -05:00
7aff7962d7
Bug 1377249 - Allow Flash to create Secure Socket connections. r=bobowen
2017-07-11 19:26:24 -07:00
038afacb9f
Backed out changeset 2ae22a66e02d (bug 1366694) for memory leaks
2017-07-11 13:14:55 +02:00
db58bdb9ca
Bug 1377555 Part 3: Don't use restricting SIDs when running from a network drive. r=jimm
2017-07-11 09:44:21 +01:00
01f2685a30
Bug 1377555 Part 1: Back out changesets 04edb03fb817 and d17ac655cc51. r=jimm
...
This backouts the previous change to detect and change the sandbox policy
when running from a network drive.
2017-07-11 09:44:20 +01:00
ecbd6ca808
Bug 1366694 Part 1: Allow user handles in the content process job in DEBUG builds. r=jimm
2017-07-07 15:51:17 +01:00
Bob Owen
David Parks
Alex Gaynor
Andreea Pavel
Gian-Carlo Pascutto
Gian-Carlo Pascutto
Coroiu Cristina
Csoregi Natalia
cku
Bogdan Tara
Sebastian Hengst
Jim Mathies
Jed Davis
Haik Aftandilian
Eric Rahm
Carsten "Tomcat" Book