security/sandbox/linux/Sandbox.cpp
5f4630838d46dd81dadb13220a4af0da9e23a619
created 2019-01-18 10:16 +0100
pushed 2019-01-19 09:59 +0000
Ehsan Akhgari Ehsan Akhgari - Bug 1521000 - Part 2: Adjust our clang-format rules to include spaces after the hash for nested preprocessor directives r=sylvestre
6f3709b3878117466168c40affa7bca0b60cf75b
created 2018-11-30 11:46 +0100
pushed 2018-11-30 11:01 +0000
Sylvestre Ledru Sylvestre Ledru - Bug 1511181 - Reformat everything to the Google coding style r=ehsan a=clang-format
b54db66223586b4e04f5cb926fccdacf8a176b91
created 2018-05-30 21:15 +0200
pushed 2018-06-01 22:02 +0000
Emilio Cobos Álvarez Emilio Cobos Álvarez - Bug 1465585: Switch from mozilla::Move to std::move. r=froydnj
07b6161c7f60c5bc4d71388d952f1e643cdc8837
created 2018-03-07 18:55 -0700
pushed 2018-03-09 09:59 +0000
Jed Davis Jed Davis - Bug 1434392 - Don't preload libmozsandbox in grandchild processes, only the sandboxed children themselves. r=gcp
bb5e75c2d0c8473678517965ad6e6d0ff3c323fb
created 2018-01-23 22:35 -0700
pushed 2018-01-24 21:56 +0000
Jed Davis Jed Davis - Bug 1126437 - Reorganize content sandbox params extracted from libxul APIs. r=gcp
bd7ff5744eb29e105b7b3c37cb5f46164fa11ef4
created 2018-01-09 19:54 -0700
pushed 2018-01-23 00:20 +0000
Jed Davis Jed Davis - Bug 1401062 - Avoid doing sandbox-related things to unsandboxed child processes. r=gcp
400800683ab64f40bade321bf05f5db03ff3ebd5
created 2017-10-06 17:16 -0600
pushed 2018-01-23 00:20 +0000
Jed Davis Jed Davis - Bug 1401062 - Create Linux child processes with clone() for namespace/chroot sandboxing. r=gcp
0a64770aace0e8fa74b972a03a610ceaaec73161
created 2017-08-31 20:38 -0600
pushed 2018-01-23 00:20 +0000
Jed Davis Jed Davis - Bug 1401062 - Delete the old namespace/chroot code and reorganize sandbox init. r=gcp
8be14b21f4b1badb69cb3c65e0574091584db60c
created 2017-12-08 17:31 -0700
pushed 2017-12-21 10:02 +0000
Jed Davis Jed Davis - Bug 1393287 - Intercept sigaction() to fix signal masks for sandboxing. r=gcp
095928b49caa8918ac6354044100ed3be6c0b9f6
created 2017-12-19 02:49 +0200
pushed 2017-12-19 10:06 +0000
Csoregi Natalia Csoregi Natalia - Backed out changeset 8a71f6e05783 (bug 1393287) for Hazard Build Bustage. r=backout on a CLOSED TREE
8a71f6e05783c13f38d5bcc9733e955b9fd7543b
created 2017-12-08 17:31 -0700
pushed 2017-12-19 10:06 +0000
Jed Davis Jed Davis - Bug 1393287 - Intercept sigaction() to fix signal masks for sandboxing. r=gcp
7e53467676cac3f79f79c3f183d6b5cc58835aa2
created 2017-10-25 17:58 -0600
pushed 2017-10-27 09:43 +0000
Jed Davis Jed Davis - Bug 1410241 - Don't call destructors on objects we use in the SIGSYS handler. r=gcp
1efacc8c49ba68b524de18c6b30153cb78e524d2
created 2017-07-26 12:50 -0600
pushed 2017-07-27 08:57 +0000
Jed Davis Jed Davis - Backed out 3 changesets (bug 1383007, bug 1376910)
167f91f87172c3fd4ca7ac8f8e1f6bd6a2bf2dc1
created 2017-07-24 16:32 +0200
pushed 2017-07-25 12:27 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1308400 - Support file process, whitelist path prefs. r=jld
17e2e2aa8f56546d6749d41266af06b7390df7db
created 2017-06-28 07:11 -0700
pushed 2017-07-19 23:32 +0000
Jed Davis Jed Davis - Bug 1376910 - Unshare the SysV IPC namespace in content processes. r=gcp
52e1b27c1cb085997440183cf28686c36f5591b3
created 2017-07-07 08:58 -0600
pushed 2017-07-07 22:59 +0000
Jed Davis Jed Davis - Bug 1372428 - Extend file pre-opening for sandboxed media plugins. r=gcp
f7450fa2d7aa1590ac6a4954dbfc4cd8a9557254
created 2017-06-07 16:33 -0600
pushed 2017-06-10 09:14 +0000
Jed Davis Jed Davis - Bug 1362601 - Don't crash on sandbox violation if known-problem injected libs are present. r=gcp
f73368ed36cf12bf18f7d66f370d5cd6b8a5e8db
created 2017-01-30 18:49 -0700
pushed 2017-02-21 13:16 +0000
Jed Davis Jed Davis - Bug 1286865 - Step 1: Gather syscall info from SIGSYS handlers into the parent process. r=gcp
7781de08a1c6d84a92e9d54a78ac9f54f8c4c240
created 2017-01-27 14:25 -0700
pushed 2017-02-21 13:16 +0000
Jed Davis Jed Davis - Bug 1286865 - Step 0: Turn off crash-on-seccomp-fail by default on non-nightly. r=gcp
adab5d5d0372d1a26685d6fbc59cdfc977ad76c6
created 2017-01-31 13:06 +0100
pushed 2017-01-31 12:06 +0000
Olli Pettay Olli Pettay - Bug 1335323 - Move vector include to sandbox header to fix bustage. r=bustage-fix a=bustage-fix
50ff055b70fe829d26c01342a906d53c1d41e645
created 2017-01-26 19:59 +0100
pushed 2017-01-30 23:22 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1330326 - Make sandboxing policy more configurable via preferences. r=jld
2633df8bf5d3969230f0627eda9c01e239f1091d
created 2017-01-27 20:59 +0100
pushed 2017-01-28 00:32 +0000
Sebastian Hengst Sebastian Hengst - Backed out changeset e87ae43ca443 (bug 1330326)
e87ae43ca44332a0bf30a4151b57cbb9b8e369ac
created 2017-01-26 19:59 +0100
pushed 2017-01-28 00:32 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1330326 - Make sandboxing policy more configurable via preferences. r=jld
26025c7f0d298872c5fe88739c9897254da6fc75
created 2016-12-06 12:38 -1000
pushed 2016-12-07 10:30 +0000
Jed Davis Jed Davis - Bug 1257361 - Simplify detecting threads that already have seccomp-bpf applied. r=tedd r=gcp
97bf9717631977f76a43fadd51c99dea1df770c6
created 2016-11-04 18:16 -0600
pushed 2016-11-05 20:41 +0000
Jed Davis Jed Davis - Bug 1313218 - Preload libmozsandbox.so in child processes on Linux. r=tedd r=billm r=glandium
8b07f481251c7c1aa8911e5f53f26d0c71f14dfc
created 2016-10-26 16:57 -0600
pushed 2016-10-27 14:45 +0000
Jed Davis Jed Davis - Bug 1268733 - Move Linux sandboxing code back out to libmozsandbox.so. r=gcp r=glandium
7fcfb1c3b654b1fae9532044c0b7731af49b38e7
created 2016-10-26 16:57 -0600
pushed 2016-10-27 14:45 +0000
Jed Davis Jed Davis - Bug 1268733 - Move sandbox interposition shims to their own static library. r=gcp r=glandium
a46f0e32289bb8975eef7f87d14cbd71c9c10582
created 2016-09-06 08:57 +0100
pushed 2016-09-06 13:28 +0000
Bob Owen Bob Owen - Bug 1287426 Part 3: Update security/sandbox/chromium/ to commit 4ec79b7f2379a60cdc15599e93255c0fa417f1ed. r=aklotz, r=jld
564549c354b038a465c0b3fc245da3cab8753eab
created 2016-08-23 12:09 +0800
pushed 2016-08-25 12:11 +0000
Kan-Ru Chen Kan-Ru Chen - Bug 1297276 - Rename mfbt/unused.h to mfbt/Unused.h for consistency. r=froydnj
c4de227304aa18ceb41047e222272f22fd99d5f9
created 2016-08-02 14:54 +0200
pushed 2016-08-04 13:53 +0000
Alexandre Lissy Alexandre Lissy - Bug 1284674 - Remove NUWA r=cyu
d9bbe09fe56179b84b5998b84ad726c630a1667b
created 2016-07-25 13:21 +0200
pushed 2016-07-26 15:00 +0000
Haik Aftandilian Haik Aftandilian - Bug 1274540 - Record sandboxing status in crash reports; r=gcp
17c1f2315eb528745cfc7b73b1f5dc6cfcf7a35c
created 2016-05-26 16:20 +0200
pushed 2016-06-07 14:47 +0000
Julian Hector Julian Hector - Bug 1274873 - Part 2: Move signal handler set up to SandboxEarlyInit() r=jld
1526b47e25e446cbbbaee357ed3d643fef45eb2a
created 2016-05-26 16:19 +0200
pushed 2016-06-07 14:47 +0000
Julian Hector Julian Hector - Bug 1274873 - Part 1: Change search order for free signal r=jld
25cf270ae8c54aae735d5657cb5118a277eeef0a
created 2016-06-07 12:07 +0200
pushed 2016-06-07 14:47 +0000
Carsten "Tomcat" Book Carsten "Tomcat" Book - Backed out changeset ae5286493f15 (bug 1274873) for frequent timeouts in browser_ManifestObtainer_obtain.js
b070f6f0ace20cba6b74f269af0c3a5b0bbe229b
created 2016-06-07 12:06 +0200
pushed 2016-06-07 14:47 +0000
Carsten "Tomcat" Book Carsten "Tomcat" Book - Backed out changeset 62646bfa1f95 (bug 1274873)
62646bfa1f953b5e89aef58e9879dd2f139610f0
created 2016-05-26 16:20 +0200
pushed 2016-06-07 14:47 +0000
Julian Hector Julian Hector - Bug 1274873 - Part 2: Move signal handler set up to SandboxEarlyInit() r=jld
ae5286493f1570628d17c1d81a73a782291dd613
created 2016-05-26 16:19 +0200
pushed 2016-06-07 14:47 +0000
Julian Hector Julian Hector - Bug 1274873 - Part 1: Change search order for free signal r=jld
3d67e45f994a3ae1ae43479c32c2ed63bbf1a7c8
created 2016-04-27 14:16 +1000
pushed 2016-04-29 21:57 +0000
Nicholas Nethercote Nicholas Nethercote - Bug 1267550 (part 2) - Rename MOZ_WARN_UNUSED_RESULT as MOZ_MUST_USE. r=froydnj.
c23905a01c29f257f64db3e627d07a1eb71eb0d0
created 2015-11-30 18:21 +0100
pushed 2015-12-17 10:59 +0000
Jed Davis Jed Davis - Bug 1222500 - Handle unexpected thread creation better on desktop Linux. r=gdestuynder
7ec70e0c699746cf72e03acadc09d0d5877423d0
created 2015-11-02 07:53 +0200
pushed 2015-11-02 10:56 +0000
Birunthan Mohanathas Birunthan Mohanathas - Bug 1219392 - Capitalize mozilla::unused to avoid conflicts. r=froydnj
f5e11173ec72ac5c700ea1e19fc9a87375bde41a
created 2015-10-07 22:13 -0700
pushed 2015-10-08 13:27 +0000
Jed Davis Jed Davis - Bug 930258 - Part 2: seccomp-bpf integration. r=kang
10e3f62dc8a66c514fd1b3b42604cc5b7be8ebdc
created 2015-08-28 13:37 +0200
pushed 2015-09-11 14:37 +0000
Jed Davis Jed Davis - Bug 1199481 - Complain more when entering sandboxing code as root. r=kang
0d99e927527b2300dacfbc641e4af1249f46d604
created 2015-08-28 12:18 +0200
pushed 2015-09-11 14:37 +0000
Jed Davis Jed Davis - Bug 1199413 - Fix MOZ_DISABLE_GMP_SANDBOX so it disables all the sandboxing. r=kang
d9a56e97c6b1a4184deaf3f9c7b8a8872bd7fd21
created 2015-08-11 16:30 -0400
pushed 2015-08-14 19:16 +0000
Jed Davis Jed Davis - Bug 1004011 - Support SECCOMP_FILTER_FLAG_TSYNC if available. r=kang
2fb5a54331e35ec6fe1687a9cb9a1dcbc51d325a
created 2015-07-09 12:09 +0200
pushed 2015-07-21 14:57 +0000
Jed Davis Jed Davis - Bug 1181704 - Use chromium SafeSPrintf for sandbox logging. r=gdestuynder r=glandium
201c980cabe7cc195dd9c1dddcd70fe73f1408b5
created 2015-07-13 16:51 -0700
pushed 2015-07-14 10:23 +0000
Wes Kocher Wes Kocher - Backed out 2 changesets (bug 1181704) for static build bustage CLOSED TREE
fbf7aca43c3a79cabf6bc05adc80dc930cae43f3
created 2015-07-13 16:17 -0700
pushed 2015-07-14 10:23 +0000
Jed Davis Jed Davis - Bug 1181704 - Use chromium SafeSPrintf for sandbox logging. r=kang r=glandium
513d62fe75c9d136042f9ca85b017d3aad3cdc37
created 2015-06-19 14:26 -0700
pushed 2015-06-22 12:03 +0000
Jed Davis Jed Davis - Bug 1176085 - Fix second/nanosecond confusion in Linux sandbox start error case. r=kang
6e2d23f31eebabd6264b27e5a96505e113394bed
created 2015-06-10 13:38 -0400
pushed 2015-06-12 18:57 +0000
Jed Davis Jed Davis - Bug 1168555 - Work around Nuwa not always being single-threaded when a normal content process is. r=kang
6522add87d6bb4fa693c3089cc0c0e10ba77c301
created 2015-06-05 15:17 -0700
pushed 2015-06-08 09:58 +0000
Jed Davis Jed Davis - Bug 1055310 - Step 3: Move syscall interceptions into SandboxFilter.cpp. r=kang
b3f98086e8cc3cbf7cd17d8336e2bce77c255252
created 2015-06-05 15:17 -0700
pushed 2015-06-08 09:58 +0000
Jed Davis Jed Davis - Bug 1055310 - Step 2: Move SIGSYS handling to Chromium TrapRegistry. r=kang
32872aebf4abd375c974f1c752967de182680323
created 2015-06-05 15:17 -0700
pushed 2015-06-08 09:58 +0000
Jed Davis Jed Davis - Bug 1055310 - Step 1: Convert seccomp-bpf policies to Chromium PolicyCompiler. r=kang
acc410f0b28ca4affaed71fd1bfb0330a3c33072
created 2015-04-10 18:05 -0700
pushed 2015-04-13 10:00 +0000
Jed Davis Jed Davis - Bug 1151607 - Step 2: Apply net/ipc namespace separation and chroot to media plugins. r=kang
4ed5d64f054ba283f8a47c698daa38c124c8bacc
created 2015-04-10 18:05 -0700
pushed 2015-04-13 10:00 +0000
Jed Davis Jed Davis - Bug 1151607 - Step 1: Add Linux sandboxing hook for when child processes are still single-threaded. r=kang r=bent
53a41684adcbca8801d9d208a2d3d42a2a8a11d4
created 2015-04-10 18:05 -0700
pushed 2015-04-13 10:00 +0000
Jed Davis Jed Davis - Bug 1151607 - Step 0: sort includes to make the following patches cleaner. r=kang
3928ee1b0381453833c00fbe1e1b72a26143f13a
created 2015-01-11 11:34 +0900
pushed 2015-01-12 10:44 +0000
Masatoshi Kimura Masatoshi Kimura - Bug 1120062 - Part 1: Remove most Nullptr.h includes. r=waldo
1e0944ec79a6a270e0d4ddb1ab20fb4631c9186d
created 2014-12-10 17:26 -0800
pushed 2014-12-12 01:30 +0000
Jed Davis Jed Davis - Bug 1093334 - Adjust includes of Linux sandboxing headers from Chromium. r=kang
d06d1a469bb1962807e29e036666e06c4f5670e5
created 2014-11-24 15:22 -0800
pushed 2014-11-25 11:48 +0000
Jed Davis Jed Davis - Bug 1101170 - Move Linux sandbox code into plugin-container on desktop. r=kang r=glandium
0b3bfc3c27913e0be76dda67798865cf3c270f58
created 2014-11-24 15:22 -0800
pushed 2014-11-25 11:48 +0000
Jed Davis Jed Davis - Bug 1101170 - Move sandbox status info into a separate module. r=kang r=glandium
09cbdbb68a5c9a35628d08293ba37523a5f996ba
created 2014-11-06 13:11 +0100
pushed 2014-11-07 13:34 +0000
Jed Davis Jed Davis - Bug 1077057 - Expose Linux sandboxing information to JS via nsSystemInfo. r=kang r=froydnj
less more (0) -60 tip