Bob Owen
caa7e3c377
Bug 1368600: Add telemetry with the error code for when a Windows sandboxed child process fails to start. r=jimm, data-review=francois
2017-06-13 08:54:41 +01:00
Bob Owen
a3df44ccee
Bug 1323188: Don't use restricting SIDs in the sandbox access tokens when running from a network drive. r=jimm
2017-06-07 20:20:02 +01:00
Bob Owen
e6bdfd5594
Bug 1339105 Part 3: Move NPAPI windows process sandbox file rules into SandboxBroker. r=jimm
...
This also removes a rule that was added for sandboxing the Java plugin,
which we never did and we now only allow Flash anyway.
MozReview-Commit-ID: Jn6pCkLoGNM
--HG--
extra : source : 431267ab28deabef6ed7c791d8dff79e3fe590c1
2017-05-22 20:41:28 +01:00
Bob Owen
035cf9bdc2
Bug 1339105 Part 1: Implement Windows Level 3 content process sandbox policy. r=jimm
...
MozReview-Commit-ID: L8wcVhdLvFe
--HG--
extra : source : c3fb60fbc32660719c1b8b06dc785abd4559d6c0
2017-05-22 20:41:27 +01:00
Wes Kocher
848c9aa744
Backed out 3 changesets (bug 1339105) for plugin process leaks a=backout
...
Backed out changeset 431267ab28de (bug 1339105)
Backed out changeset 445875fbf13b (bug 1339105)
Backed out changeset c3fb60fbc326 (bug 1339105)
MozReview-Commit-ID: 4HYUQbHHnox
2017-05-22 15:14:23 -07:00
Bob Owen
16a4871cdf
Bug 1339105 Part 3: Move NPAPI windows process sandbox file rules into SandboxBroker. r=jimm
...
This also removes a rule that was added for sandboxing the Java plugin,
which we never did and we now only allow Flash anyway.
2017-05-22 20:41:28 +01:00
Bob Owen
edf3a239b1
Bug 1339105 Part 1: Implement Windows Level 3 content process sandbox policy. r=jimm
...
MozReview-Commit-ID: L8wcVhdLvFe
2017-05-22 20:41:27 +01:00
Sebastian Hengst
89e33081c6
Backed out changeset 50bf4c923818 (bug 1339105) for Windows bustage: calling protected constructor of class 'nsAString' at sandboxBroker.cpp(208,11). r=backout on a CLOSED TREE
2017-05-22 16:16:16 +02:00
Sebastian Hengst
2a69fd246c
Backed out changeset 367734cc9370 (bug 1339105)
2017-05-22 16:14:27 +02:00
Bob Owen
62c455086d
Bug 1339105 Part 3: Move NPAPI windows process sandbox file rules into SandboxBroker. r=jimm
...
This also removes a rule that was added for sandboxing the Java plugin,
which we never did and we now only allow Flash anyway.
2017-05-22 14:29:06 +01:00
Bob Owen
f24abd4ac3
Bug 1339105 Part 1: Implement Windows Level 3 content process sandbox policy. r=jimm
...
MozReview-Commit-ID: L8wcVhdLvFe
2017-05-22 14:29:06 +01:00
David Parks
532fe74f04
Bug 1347710 - Enable sandbox protections for the Windows GPU process. r=bobowen
...
The sandbox works with levels. The GPU sandbox level defaults to 1 in all builds. It is controlled by security.sandbox.gpu.level.
2017-04-24 09:46:09 -07:00
Alex Gaynor
49d40030b6
Bug 1348269 - When SpawnTarget fails during Windows sandboxed process creation, log more information r=bobowen
...
r=bobowen
MozReview-Commit-ID: HTLPYg870rt
--HG--
extra : rebase_source : 5c7fc4045324d442ff372ec700b57c12c4d10080
2017-04-04 10:54:14 -04:00
Bob Owen
94bf554716
Bug 1337331 Part 1: Update security/sandbox/chromium/ to commit b169b9a1cc402573843e8c952af14c4e43487e91. r=jld, r=aklotz, r=jimm
...
Also inclues follow-up to remove mitigations that require Windows 10 SDK.
MozReview-Commit-ID: HwqM4noIHmy
2017-03-29 14:23:17 +01:00
Bob Owen
2a12392590
Bug 1344453 Part 2: Add FILES_ALLOW_READONLY rule to all paths when Windows child process should have full read access. r=jimm
2017-03-28 08:36:16 +01:00
Carsten "Tomcat" Book
0a1fc914ce
Backed out changeset d9872fdd25f8 (bug 1337331) for causing build problems for others + on request on bob
2017-03-24 11:24:13 +01:00
Bob Owen
8995d28500
Bug 1337331 Part 1: Update security/sandbox/chromium/ to commit b169b9a1cc402573843e8c952af14c4e43487e91. r=jld, r=aklotz
2017-03-23 10:29:05 +00:00
Honza Bambas
654b5c9af9
Bug 1320458 - Make logging by sandboxed child processes to a file work on Windows, r=aklotz
...
MozReview-Commit-ID: 7eiW3Lo6q8Z
2017-03-06 17:42:31 +01:00
Bob Owen
d30aee57bf
Bug 1339729: Remove wow_helper from Windows process sandboxing. r=glandium
2017-03-01 10:41:07 +00:00
David Parks
26437f4ecd
Bug 1284897 - Add mechanism to libsandbox_s to track names of files that have been given special sandbox access permissions (PermissionsService). r=bobowen, r=glandium
...
Hook this into the browser via the XREAppData. This patch does not include the changes to Chromium source code.
--HG--
extra : rebase_source : 4d5637bcdbeae605b0b99e9192598d48f371b698
2017-02-14 15:08:40 -08:00
Sebastian Hengst
68e7240c0c
Backed out changeset 71b9ac06a60a (bug 1284897)
2017-02-21 23:13:29 +01:00
David Parks
82eb0f3fdd
Bug 1284897 - Add mechanism to libsandbox_s to track names of files that have been given special sandbox access permissions (PermissionsService). r=bobowen, r=glandium
...
Hook this into the browser via the XREAppData. This patch does not include the changes to Chromium source code.
--HG--
extra : rebase_source : e34e8b50101cc40ded26e80791052123b24c8243
extra : histedit_source : 69c9b2dc91546adbfdad03b5d43842809191ffb9
2017-02-14 15:08:40 -08:00
Phil Ringnalda
87ae1a50e4
Backed out 5 changesets (bug 1284897) for mozilla::SandboxPermissions::RemovePermissionsForProcess crashes
...
Backed out changeset 19b2fcee13a9 (bug 1284897)
Backed out changeset a5171791437f (bug 1284897)
Backed out changeset 3ea8b8a18515 (bug 1284897)
Backed out changeset 21497a4e3bde (bug 1284897)
Backed out changeset 12e17d5f0fa9 (bug 1284897)
2017-02-16 22:14:15 -08:00
David Parks
e9bcaf4cbe
Bug 1284897 - Add mechanism to libsandbox_s to track names of files that have been given special sandbox access permissions (PermissionsService). r=bobowen, r=glandium
...
Hook this into the browser via the XREAppData. This patch does not include the changes to Chromium source code.
2017-02-14 15:08:40 -08:00
Bob Owen
209be0e8ce
Bug 1339389: Remove legacy build config from Windows SandboxBroker moz.build. r=glandium
...
MozReview-Commit-ID: KA3dCxrCZRo
2017-02-15 08:31:14 +00:00
Matt Woodrow
0686551eab
Bug 1325227 - Part 3: Allow child process to share semaphore handles with the parent/gpu processes. r=bobowen
2017-02-04 23:19:03 +13:00
Bob Owen
badd6bf1b0
Bug 1273372 Part 4: Add AppLocker rules to GMP sandbox policy. r=aklotz
2016-12-22 11:11:07 +00:00
Bob Owen
c7db6e3961
Bug 1321256: Use a USER_UNPROTECTED initial token when the delayed token is not restricted. r=jimm
2016-12-14 14:43:06 +00:00
Bob Owen
8865218aa3
Bug 1147911 Part 9: Ensure file read permissions for file content process on Windows. r=jimm, r=jld
2016-11-24 15:08:32 +00:00
Sebastian Hengst
c7964131c3
Backed out changeset 11a036eafea2 (bug 1147911)
2016-11-23 18:32:42 +01:00
Bob Owen
ca93c43645
Bug 1147911 Part 9: Ensure file read permissions for file content process on Windows. r=jimm, r=jld
2016-11-23 13:36:59 +00:00
Sebastian Hengst
a0103a13ec
Backed out changeset a5c68edf3788 (bug 1147911)
2016-11-18 00:58:51 +01:00
Bob Owen
87b58c6a19
Bug 1147911 Part 9: Ensure file read permissions for file content process on Windows. r=jimm, r=jld
2016-11-17 15:48:53 +00:00
David Parks
1748bfae57
Bug 1269114 - [x86_64] Last picked directory not saved when using Flash Player uploader. r=jimm
...
Adds a couple of registry paths to the broker's ALLOW policy.
2016-09-24 02:54:12 -07:00
Bob Owen
182a56ac2a
Bug 1301034: Log when non-static file policy AddRule calls fail in Windows SandboxBroker. r=jimm
...
MozReview-Commit-ID: DA5NizLfFfA
--HG--
extra : rebase_source : 23ea76054c98ab071b0d03e5fc0d7e57d1668244
2016-09-12 11:11:22 +01:00
Bob Owen
22830b7f8f
Bug 1287984: Add rule to allow content process to duplicate handles to other non-broker processes. r=jimm
...
MozReview-Commit-ID: A79P9G9t7Ax
--HG--
extra : transplant_source : %C2%0A-%FB%7E%AF%99%95%C7%AF%A6%21%BC%18%D4a%9C%24z%8C
2016-07-20 14:41:18 +01:00
Tom Tromey
5538d692d3
Bug 1286877 - do not set c-basic-offset for python-mode; r=gps
...
This removes the unnecessary setting of c-basic-offset from all
python-mode files.
This was automatically generated using
perl -pi -e 's/; *c-basic-offset: *[0-9]+//'
... on the affected files.
The bulk of these files are moz.build files but there a few others as
well.
MozReview-Commit-ID: 2pPf3DEiZqx
--HG--
extra : rebase_source : 0a7dcac80b924174a2c429b093791148ea6ac204
2016-07-14 10:16:42 -06:00
Bob Owen
5714578c95
Bug 1278528: Don't try to initialize the sandbox TargetServices when we are not sandboxed. r=jimm
...
MozReview-Commit-ID: EpXy9LYXwQL
2016-06-07 14:03:51 +01:00
Gabor Krizsanits
6c0e1dc69f
Bug 1146873 - Handling sandbox policy setup failures. r=bobowen
2016-06-06 15:13:33 +02:00
Bob Owen
ecee115838
Bug 1250125: Make a 0 security.sandbox.content.level turn off the content process sandbox. r=TimAbraldes
...
This also fixes a bug where we weren't setting parts of the policy correctly for levels 3 to 9.
MozReview-Commit-ID: IXsg2nGOqoa
--HG--
extra : rebase_source : 65c76a581dcd498c7d7d5b01e4f4e140acdb244f
2016-05-25 09:06:23 +01:00
Ralph Giles
0946db2658
Bug 1271794 - Use SSE2 instructions on win32. r=glandium
...
We've decided supporting the small number of x86 machines
without SSE2 instructions is no longer worth the cost in
developer time nor the performance impact for other users.
https://groups.google.com/d/msg/mozilla.dev.platform/dZC39mj5V-s/Xt_UqZXkAAAJ
Set -arch:SSE2 by default on x86 if an arch hasn't already
been supplied. This ensures we'll continue to build with
the right instruction set if the compiler changes its default
in the future, while still allowing custom builds to set
a lower minimum.
Also updates the filter to strip all arch switches on win64
when building the sandbox. The 64-bit compiler doesn't
support -arch:SSE2 either.
MozReview-Commit-ID: JzTRGPn9vzI
2016-05-18 11:06:30 -07:00
Bob Owen
e809e9f918
Bug 1035125 Part 9: Link Chromium sandbox into firefox.exe instead of having a separate DLL. r=aklotz,glandium
...
MozReview-Commit-ID: 1vgDPjpcwz3
--HG--
extra : rebase_source : 40966d98ca6c37f30884639d648907b4760ae240
2016-05-15 16:41:40 +01:00
Bob Owen
c43bf02cda
Bug 1035125 Part 8: Pass sandboxing pointers through XRE_InitChildProcess instead of linking to more functions in xul. r=aklotz,glandium
...
MozReview-Commit-ID: 5AiktOArpfU
--HG--
extra : rebase_source : 1ba3be949e2bfeb3b67687ab05d43342852ab764
2016-05-15 16:35:22 +01:00
Chris Pearce
114ad957d2
Bug 1245789 - Load Widevine CDM with sandbox level USER_RESTRICTED instead of USER_LOCKDOWN. r=bobowen
...
Otherwise Widevine CDM won't load on Windows. Other GMPs are still loaded at USER_LOCKDOWN.
MozReview-Commit-ID: aCTG1tQuwt
2016-04-12 16:12:20 +12:00
Bob Owen
907939a278
Bug 1256992 Part 2: Move SandboxBroker Initialization earlier and add telemetry and extra null checks. r=aklotz
...
MozReview-Commit-ID: Fu05wLn27UG
2016-04-07 08:28:14 +01:00
Bob Owen
db4259c176
Bug 1256992: Initialize Windows sandbox BrokerServices before any child processes are created. r=aklotz, r=bholley
2016-03-23 08:10:43 +00:00
Carsten "Tomcat" Book
417d5d9533
Backed out changeset 0fedfd441a06 (bug 1256992) for gtest failures
2016-03-22 09:54:55 +01:00
Bob Owen
72e4566fa4
Bug 1256992: Initialize Windows sandbox BrokerServices before any child processes are created. r=aklotz, r=bholley
2016-03-22 07:40:03 +00:00
Ehsan Akhgari
f9727da7b1
Bug 1188045 - Part 1: Move the definition of sandboxTarget::Instance() out-of-line; r=bobowen,glandium
...
This is required so that delay-loading xul.dll works with clang-cl.
2016-02-22 09:55:09 -05:00
Bob Owen
ed46787107
Bug 1219369: In Windows debug builds allow write access to TEMP for logging purposes. r=tabraldes
2016-02-09 08:31:18 +00:00