Closed Bug 1497643 Opened 6 years ago Closed 6 years ago

Enable Chromium sandbox option MITIGATION_IMAGE_LOAD_PREFER_SYS32 for content processes

Categories

(Core :: Security: Process Sandboxing, enhancement, P1)

Product:
Core
Component:
Security: Process Sandboxing
Platform:
Desktop
Windows
Type:
enhancement

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla64
Tracking Flags:
Tracking Status
firefox64 --- fixed

People

(Reporter: jimm, Assigned: jimm)

Details

(Whiteboard: sb+)

Attachments

(1 file)

patch
1.36 KB, patch
bobowen
: review+
Details | Diff | Splinter Review 
We'd like to turn this on for content. It was recently turned on for the main process through the bootstrap process as well. No major fallout except we had one report of an out of date mozilla dll getting loaded out of the system32 directory. From my understanding we've never installed to system32, so this was probably user error related. 

ni to rstrong on this, Rob, curious have we ever installed things to system32?
Flags: needinfo?(robert.strong.bugs)
I don't recall ever installing into system32. Do you know which mozilla dll was getting loaded out of system32?
Flags: needinfo?(robert.strong.bugs) → needinfo?(jmathies)
mozglue.dll, dated back to 2012. It may have been put there by a 3rd party or just copied there by the user trying to fix something.
Flags: needinfo?(jmathies)
I'm quite certain we've never installed mozglue.dll into system32.
Attached patch patchSplinter Review 
Assignee: nobody → jmathies

        Attachment #9015921 -
        Flags: review?(bobowencode)

    
  

        Attachment #9015921 -
        Flags: review?(bobowencode) → review+

    
    

    
  
Pushed by jmathies@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/cd534905e719
Enable Chromium sandbox option MITIGATION_IMAGE_LOAD_PREFER_SYS32 for content processes. r=bowen

    
  
Priority: -- → P1

    
    

    
  
https://hg.mozilla.org/mozilla-central/rev/cd534905e719
Status: NEW → RESOLVED
Closed: 6 years ago

          status-firefox64:
          affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla64

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: