Closed Bug 1800933 Opened 1 year ago Closed 1 year ago

Let Arbitrary Code Guard (ACG) in RDD and WMF ride the trains

Categories

(Core :: Security: Process Sandboxing, enhancement, P2)

Product:
Core
Component:
Security: Process Sandboxing
Platform:
Desktop
Windows
Type:
enhancement

Tracking

()

Status:
RESOLVED FIXED
Milestone:
109 Branch
Tracking Flags:
Tracking Status
relnote-firefox --- 109+
firefox109 --- fixed

People

(Reporter: yannis, Assigned: yannis)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

Bug 1800933 - Let ACG in RDD and WMF ride the trains. r=bobowen
48 bytes, text/x-phabricator-request
Details | Review

In bug 1783223, we have enabled two mitigations behind #ifdef NIGHTLY_BUILD guards:

  • ACG-with-opt-out in RDD and audio utility WMF processes for x86 builds;
  • ACG in RDD for x64 builds (audio utility WMF processes already have ACG on the release channel).

We should consider letting these new mitigations ride the trains.

Severity: -- → S3
Priority: -- → P2
Assignee: nobody → yjuglaret

Bob noted we want this to be controllable via prefs.

Pushed by yjuglaret@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/41d74031b1a0
Let ACG in RDD and WMF ride the trains. r=bobowen

This patch adds two new prefs: security.sandbox.rdd.acg.enabled and security.sandbox.utility-wmf.acg.enabled.

https://hg.mozilla.org/mozilla-central/rev/41d74031b1a0

Status: NEW → RESOLVED
Closed: 1 year ago
status-firefox109: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 109 Branch

Added to the Fx109 relnotes.

relnote-firefox: --- → 109+
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: