Closed Bug 1077057 Opened 10 years ago Closed 10 years ago

Expose Linux sandboxing status in an about: page

Categories

(Core :: Security, defect)

Product:
Core
Component:
Security
Platform:
All
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla36

People

(Reporter: jld, Assigned: jld)

References

Details

Attachments

(2 files, 3 obsolete files)

Step 2: Include Linux sandboxing information in about:support. [v2]
5.40 KB, patch
jld
: review+
Details | Diff | Splinter Review
Step 1: Expose Linux sandboxing information to JS via nsSystemInfo. [v2]
11.95 KB, patch
froydnj
: review+
Details | Diff | Splinter Review
Linux has a number of sandboxing / security hardening features whose availability varies widely (and not always very predictably) among distributions and versions and sometimes local configuration. It would be useful for a knowledgeable user or developer to be able to see the status of the features relevant to Firefox. This could be similar to Chromium's about:sandbox page, which displays the information in a simple textual format.
r?(kang) for the sandbox side; r?(bsmedberg) for the nsSystemInfo side after browsing the history looking for vaguely similar commits.
Attachment #8514673 - Flags: review?(gdestuynder)
Attachment #8514673 - Flags: review?(benjamin)
I'm a little unclear on how this maps to the module/review system; please adjust flags if needed.
Attachment #8514676 - Flags: review?(bzbarsky)
Does this need to be a separate page rather than something we can include in about:support?
Flags: needinfo?(jld)
(In reply to Benjamin Smedberg [:bsmedberg] from comment #3) > Does this need to be a separate page rather than something we can include in > about:support? That's a good point. Probably not.
Flags: needinfo?(jld)
Attachment #8514676 - Flags: review?(bzbarsky)
Comment on attachment 8514673 [details] [diff] [review] Step 1: Expose Linux sandboxing information to JS via nsSystemInfo. Review of attachment 8514673 [details] [diff] [review]: ----------------------------------------------------------------- Good idea! only looked at the Sandbox.* files - looks good to me
Attachment #8514673 - Flags: review?(gdestuynder) → review+
Now with the information in about:support#sandbox instead of a separate page. https://treeherder.mozilla.org/ui/#/jobs?repo=try&revision=9bedbe344b27
Attachment #8514676 - Attachment is obsolete: true
Attachment #8517105 - Flags: review?(bmcbride)
Attachment #8514673 - Flags: review?(benjamin) → review?(nfroyd)
Comment on attachment 8514673 [details] [diff] [review] Step 1: Expose Linux sandboxing information to JS via nsSystemInfo. Review of attachment 8514673 [details] [diff] [review]: ----------------------------------------------------------------- xpcshell tests for this would be great...is that hard to do on the build machines? ::: xpcom/base/nsSystemInfo.cpp @@ +363,5 @@ > + > + SandboxAvailability sandboxContent = CanSandboxContentProcess(); > + if (sandboxContent != kSandboxingDisabled) { > + SetPropertyAsBool(NS_LITERAL_STRING("canSandboxContent"), > + sandboxContent); Oooo, this is almost a little too clever with the enum values. I think there should be some MOZ_ASSERT sprinkled around here so our cleverness is more explicit: MOZ_ASSERT(sandboxContent == kSandboxingWouldFail || sandboxContent == kSandboxingSupported); static_assert(kSandboxingWouldFail == 0, "..."); static_assert(kSandboxingSupported == 1, "..."); @@ +369,5 @@ > + > + SandboxAvailability sandboxMedia = CanSandboxMediaPlugin(); > + if (sandboxMedia != kSandboxingDisabled) { > + SetPropertyAsBool(NS_LITERAL_STRING("canSandboxMedia"), > + sandboxMedia); Likewise.
Attachment #8514673 - Flags: review?(nfroyd) → review+
Comment on attachment 8517105 [details] [diff] [review] Step 2: Include Linux sandboxing information in about:support. Review of attachment 8517105 [details] [diff] [review]: ----------------------------------------------------------------- ::: toolkit/locales/en-US/chrome/global/aboutSupport.properties @@ +82,5 @@ > > minLibVersions = Expected minimum version > loadedLibVersions = Version in use > + > +hasSeccompBPF = Seccomp-BPF I had to lookup what this was (who names this stuff?!). Turns out Wikipedia (https://en.wikipedia.org/wiki/Seccomp#seccomp-bpf) mentions that Chrome uses this, but has no mention of Firefox - if you have context, perhaps you could add mention of Firefox (and B2G I believe?) supporting this too? ::: toolkit/modules/Troubleshoot.jsm @@ +476,5 @@ > + > + let sysInfo = Cc["@mozilla.org/system-info;1"]. > + getService(Ci.nsIPropertyBag2); > + let data = {}; > + keys.forEach(function(key) { Nit: for-of loops are generally preferred these days, for more modern/readable code. https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/for...of
Attachment #8517105 - Flags: review?(bmcbride) → review+
Summary: Add an about:sandbox page, at least on Linux → Expose Linux sandboxing status in an about: page
(In reply to Nathan Froyd (:froydnj) from comment #7) > Oooo, this is almost a little too clever with the enum values. I think > there should be some MOZ_ASSERT sprinkled around here so our cleverness is > more explicit: > > MOZ_ASSERT(sandboxContent == kSandboxingWouldFail || sandboxContent == > kSandboxingSupported); > static_assert(kSandboxingWouldFail == 0, "..."); > static_assert(kSandboxingSupported == 1, "..."); The more I think about this, the less I want to inflict it on the world, as opposed to just using an enum normally and changing the call sites. “Explicit is better than implicit”, “code is read much more often than it is written”, etc. (In reply to Blair McBride [:Unfocused] from comment #8) > > +hasSeccompBPF = Seccomp-BPF > > I had to lookup what this was (who names this stuff?!). Turns out Wikipedia > (https://en.wikipedia.org/wiki/Seccomp#seccomp-bpf) mentions that Chrome > uses this, but has no mention of Firefox - if you have context, perhaps you > could add mention of Firefox (and B2G I believe?) supporting this too? Good idea. Also, I think I'll change that label to "Seccomp-BPF (System Call Filtering)", which might at least make it less opaque to someone with enough Unix background to have encountered "system call". > ::: toolkit/modules/Troubleshoot.jsm > @@ +476,5 @@ > > + > > + let sysInfo = Cc["@mozilla.org/system-info;1"]. > > + getService(Ci.nsIPropertyBag2); > > + let data = {}; > > + keys.forEach(function(key) { > > Nit: for-of loops are generally preferred these days, for more > modern/readable code. > https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/ > for...of Thanks; that's a definite improvement.
Attachment #8518432 - Flags: review?(nfroyd) → review+
https://hg.mozilla.org/mozilla-central/rev/09cbdbb68a5c https://hg.mozilla.org/mozilla-central/rev/cca5872f47f4
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla36
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: