Closed
Bug 979590
Opened 10 years ago
Closed 10 years ago
--enable-content-sandbox-reporter by default
Categories
(Core :: Security, defect)
Tracking
()
RESOLVED
FIXED
mozilla30
People
(Reporter: jld, Assigned: jld)
References
Details
Attachments
(1 file)
644 bytes,
patch
|
khuey
:
review+
kang
:
review+
|
Details | Diff | Splinter Review |
Currently we use gonk-misc/default-gecko-config to add --enable-content-sandbox-reporter on b2g eng builds, but I feel that we'd want the crash reporter integration on production builds as well, so that if any sandboxing oversights make it past testing we'll be aware of that instead of not. Consensus seems to be that not immediately killing the process isn't a significant change in security — in particular, the seccomp filter program is public, so being able to probe it by catching the SIGSYS isn't useful.
Assignee | ||
Comment 1•10 years ago
|
||
Trying: https://tbpl.mozilla.org/?tree=Try&rev=dd3a4274c75b Tested locally with a userdebug build (and a modified seccomp_filter.h).
Attachment #8386473 -
Flags: review?(khuey)
Attachment #8386473 -
Flags: review?(gdestuynder)
Attachment #8386473 -
Flags: review?(khuey) → review+
Attachment #8386473 -
Flags: review?(gdestuynder) → review+
Assignee | ||
Updated•10 years ago
|
Keywords: checkin-needed
Comment 2•10 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/c0b60e7ec860
Keywords: checkin-needed
Comment 3•10 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/c0b60e7ec860
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla30
You need to log in
before you can comment on or make changes to this bug.
Description
•