Closed
Bug 732485
Opened 13 years ago
Closed 13 years ago
Move Flash symbols from symbols_os to a separate symbols_adobe directory
Categories
(Infrastructure & Operations Graveyard :: WebOps: Other, task)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: benjamin, Assigned: cturra)
References
Details
From the snappy symbolication server security review, we don't want to expose Flash symbols to the symbolication server because it allows a slightly easier way to get full symbols for Flash.
1) configure the processors to use symbols_adobe in addition to the symbols_os location
2) move symbols_os/NPSWF32.pdb and NPSWF64.pdb to symbols_adobe
3) make symbols_adobe inaccessible to breakpad-symbolapi1.dmz.phx1.mozilla.com
|
||
Comment 1•13 years ago
|
||
There's also symbols_os/FlashPlayer-10.6/, symbols_os/FlashPlayer-10.4-10.5/, symbols_os/libflashplayer.so/ and others matching symbols_os/lib*flash*
There's also symbols_os/QuickTime and a few other plugins
|
Reporter | |
Comment 2•13 years ago
|
||
Ted, is QuickTime something that Apple gave us specially, or is it just a transformed version of symbols already on the OS?
|
||
Comment 3•13 years ago
|
||
Only the NPSWF{32,64}.pdb and FlashPlayer-*10.* symbols are provided by Adobe. The others are just scraped public symbols from OS libraries.
Is there a reason we're particularly concerned about exposing this data? All the function names/filenames are hashed, it's just unwind data + mappings to those hashed names. (Currently we only expose the hashed data on crash-stats.)
|
|
||
Comment 4•13 years ago
|
||
Also I might go a little more general here and make it symbols_thirdparty or something, so if we get symbols from other third parties we can put them there as well.
|
|
Reporter | |
Comment 5•13 years ago
|
||
The concern was generated from the snappy server security review: these symbols aren't useful (because Flash doesn't have frame pointers) and there was concern that this makes it a lot easier to get a full list of Flash (and hopefully Intel) functions for disassembly.
I figured it would be better to have each source have a separate directory structure so that we could partition things more easily.
|
|
||
Comment 6•13 years ago
|
||
I'd like this for another reason now: we'd like to have Adobe upload their own symbols (bug 753470), so it'd be useful to have a separate directory to upload to.
|
|
||
Updated•13 years ago
|
Assignee: nobody → server-ops
Component: Infra → Server Operations
Product: Socorro → mozilla.org
QA Contact: infra → phong
Version: unspecified → other
|
|
||
Updated•13 years ago
|
Group: mozilla-corporation-confidential
|
||
Updated•13 years ago
|
Component: Server Operations → Server Operations: Web Operations
QA Contact: phong → cshields
|
|
||
Comment 7•13 years ago
|
||
This is on pio-netapp-a:/vol/pio_symbols in PHX, FWIW.
|
||
Updated•13 years ago
|
Assignee: server-ops → cturra
|
|
Assignee | |
Comment 8•13 years ago
|
||
as requested, all the flash symbols have been moved to a symbols_adobe directory.
[root@symbols1.dmz.phx1 symbols_adobe]# ls -1
FlashPlayer-10.4-10.5
FlashPlayer-10.6
libflashhwrenderer.so
libflashlite_jni.so
libflashlitepackage.so
libflashliteplugin.so
libflashlite.so
libflashplayer.so
libflashsnddec.so
libmotflashplayer.so
libnvflash.so
NPSWF32.pdb
NPSWF64.pdb
an adobe-symbols user has also been created, per bug 753470, we're just waiting on a(n) ssh public key(s) to be provided. for ease of use, i have placed a symlink to the adobe_symbols directory in the adobe-symbols users home directory.
[root@symbols1.dmz.phx1 symbols_adobe]# ls -l /home/adobe-symbols/adobe_symbols
lrwxrwxrwx 1 adobe-symbols adobe-symbols 35 Jun 22 12:13 /home/adobe-symbols/adobe_symbols -> /mnt/netapp/breakpad/symbols_adobe
Status: NEW → ASSIGNED
|
|
Reporter | |
Comment 9•13 years ago
|
||
Has the processor config already been updated to use the new directory?
|
|
||
Comment 10•13 years ago
|
||
(In reply to Benjamin Smedberg [:bsmedberg] from comment #9)
> Has the processor config already been updated to use the new directory?
Now it has, in bug 767539
|
|
Assignee | |
Updated•13 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
|
|
||
Comment 11•13 years ago
|
||
(In reply to Chris Turra [:cturra] from comment #8)
> [root@symbols1.dmz.phx1 symbols_adobe]# ls -1
> FlashPlayer-10.4-10.5
> FlashPlayer-10.6
> libflashhwrenderer.so
> libflashlite_jni.so
> libflashlitepackage.so
> libflashliteplugin.so
> libflashlite.so
> libflashplayer.so
> libflashsnddec.so
> libmotflashplayer.so
> libnvflash.so
> NPSWF32.pdb
> NPSWF64.pdb
This was a little overzealous, there are a few things in there that aren't from Adobe, but it's not critical.
|
||
Updated•12 years ago
|
Component: Server Operations: Web Operations → WebOps: Other
Product: mozilla.org → Infrastructure & Operations
|
||
Updated•6 years ago
|
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•