Closed
Bug 1314056
Opened 8 years ago
Closed 8 years ago
Enable Mac content sandbox level 1 in 52
Categories
(Core :: Security: Process Sandboxing, defect)
Tracking
()
RESOLVED
FIXED
mozilla53
People
(Reporter: haik, Assigned: haik)
References
Details
(Whiteboard: sbmc1)
Attachments
(1 file)
58 bytes,
text/x-review-board-request
|
gcp
:
review+
glandium
:
review+
jcristau
:
approval-mozilla-aurora+
|
Details |
This bug covers enabling the Mac content sandbox with level 1 (security.sandbox.content.level=1) in 52. Level 1 removes filesystem write access permission to the majority of the filesystem including the user's home directory. At present, Nightly uses the Mac level 2 sandbox which includes these write access limits.
Assignee | ||
Updated•8 years ago
|
Assignee: nobody → haftandilian
Comment hidden (mozreview-request) |
Comment 2•8 years ago
|
||
mozreview-review |
Comment on attachment 8811532 [details] Bug 1314056 - Enable Mac content sandbox level 1 in 52; https://reviewboard.mozilla.org/r/93610/#review93876
Attachment #8811532 -
Flags: review?(gpascutto) → review+
Assignee | ||
Comment 3•8 years ago
|
||
Adding needinfo? to glandium for the old-configure.in change.
Flags: needinfo?(mh+mozilla)
Comment 4•8 years ago
|
||
mozreview-review |
Comment on attachment 8811532 [details] Bug 1314056 - Enable Mac content sandbox level 1 in 52; https://reviewboard.mozilla.org/r/93610/#review94144
Attachment #8811532 -
Flags: review+
Updated•8 years ago
|
Flags: needinfo?(mh+mozilla)
Assignee | ||
Updated•8 years ago
|
Keywords: checkin-needed
Pushed by ryanvm@gmail.com: https://hg.mozilla.org/integration/autoland/rev/bce473db20d7 Enable Mac content sandbox level 1 in 52; r=gcp,glandium
Keywords: checkin-needed
Comment 6•8 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/bce473db20d7
Status: NEW → RESOLVED
Closed: 8 years ago
status-firefox53:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla53
Assignee | ||
Comment 7•8 years ago
|
||
Comment on attachment 8811532 [details] Bug 1314056 - Enable Mac content sandbox level 1 in 52; Approval Request Comment [Feature/regressing bug #]: Mac content sandbox level 1 (improved security) [User impact if declined]: Users won't have a content sandbox on Mac in build 52. This first iteration of the Mac sandbox blocks web content processes from writing to most filesystem locations. [Describe test coverage new/current, TreeHerder]: Enabled on central since early October via bug 1306508. [Risks and why]: Regresses printing or some unforeseen reason the content process is dependent on writing to filesystem locations that are blocked. [String/UUID change made/needed]: None
Attachment #8811532 -
Flags: approval-mozilla-aurora?
Comment 8•8 years ago
|
||
Comment on attachment 8811532 [details] Bug 1314056 - Enable Mac content sandbox level 1 in 52; mac content sandbox, take in aurora52 (together with bug 1317801)
Attachment #8811532 -
Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
Comment 9•8 years ago
|
||
bugherder uplift |
https://hg.mozilla.org/releases/mozilla-aurora/rev/97862b6aff39
You need to log in
before you can comment on or make changes to this bug.
Description
•