security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
baa17deb7a522f45d3ef411b423efbc3eda7e2ae
created 2017-08-04 09:48 +0200
pushed 2017-08-04 07:49 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1385891 - Whitelist things in the extension dir, not just the dir itself. r?jld draft
9724d06abb63a43d0d775ce1d1871247e6a51b3c
created 2017-08-02 12:02 +0200
pushed 2017-08-03 12:39 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1385715 - Add support for WebGL on NVIDIA PRIME. r=jld
9a01a7a8bb4ed0b568b34dbed9bf2ede5577f274
created 2017-08-02 11:51 +0200
pushed 2017-08-03 12:39 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1385253 - Whitelist main NixOS data store directory. r=jld
1c21f21d04cddd6c00e5f495c6686c671aa9cac1
created 2017-08-03 12:31 +0200
pushed 2017-08-03 10:32 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1386558 - Check sandboxing level 2 after permissions are available. r=jld draft
6f1914a4f241b8ac62953de069296397b7645cd1
created 2017-08-02 17:11 -0700
pushed 2017-08-03 01:05 +0000
Wes Kocher Wes Kocher - Merge inbound to central, a=merge
0a4f643f1efe19fa36ba870eaedd6eb0b5863911
created 2017-08-02 12:02 +0200
pushed 2017-08-02 10:02 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1385715 - Add support for WebGL on NVIDIA PRIME. r?jld draft
d7e0a38ff3db5d8e8bd7e68387dc4b5601115e2f
created 2017-08-02 11:51 +0200
pushed 2017-08-02 09:53 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1385253 - Whitelist main NixOS data store directory. r?jld draft
91c199a959d43c0e14f5986ea0f924471cfd7946
created 2017-08-02 11:38 +0200
pushed 2017-08-02 09:39 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1386558 - Check sandboxing level 2 after permissions are available. r?jld draft
7cf51237c6cf93221675e5f6303b147f377dc447
created 2017-07-31 18:19 +0200
pushed 2017-08-02 09:39 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1385891 - Whitelist extensions dir in the profile. r=jld
29fd2ffa843b288e06e34caf11e580549bd8252b
created 2017-07-31 17:58 +0200
pushed 2017-08-02 09:39 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1384483 - Allow reading userContent.css in the sandbox. r=jld
a3ced6b85bda58605e9270ff8ecf2b9cff2fc12d
created 2017-08-01 18:17 -0700
pushed 2017-08-02 05:25 +0000
Wes Kocher Wes Kocher - Backed out 2 changesets (bug 1384986) for failures in browser_content_sandbox_fs.js a=backout
79f89b6918a3d9969d3be3e70a8e8b68d6b1ad76
created 2017-07-27 12:41 -0600
pushed 2017-08-01 22:54 +0000
Jed Davis Jed Davis - Bug 1384986 - Fix PulseAudio breakage caused by read restrictions. r=gcp draft
37efeccca5f2a6d69774de7bbabdbb43876baa38
created 2017-07-27 11:32 -0600
pushed 2017-08-01 22:54 +0000
Jed Davis Jed Davis - Bug 1384986 - Fix DConf breakage caused by read restrictions. r=gcp draft
8b168e291469efb3afb90754a2833c07dd815e9f
created 2017-07-31 18:19 +0200
pushed 2017-07-31 16:19 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1385891 - Whitelist extensions dir in the profile. r?jld draft
0c8355b34e79d8b0f4ec744a6f2b8b4414e0ab5c
created 2017-07-31 17:58 +0200
pushed 2017-07-31 15:59 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1384483 - Allow reading userContent.css in the sandbox. j?jld draft
2b347fb55a9965acec727f6e40671ba859636603
created 2017-07-31 14:28 +1000
pushed 2017-07-31 12:53 +0000
Nicholas Nethercote Nicholas Nethercote - Bug 1384835 (part 3, attempt 2) - Remove the Preferences::Get*CString() variants that return nsAdoptingCString. r=froydnj.
00167e9fe0c0fc573801eb8a905eb3822290c2da
created 2017-07-29 13:05 -0400
pushed 2017-07-30 13:32 +0000
Thomas Daede Thomas Daede - Bug 1384718 - Add sandbox rules for Mesa 17.1 driver loader. r=gcp
88e14ba4308e1ca878548a2b1616276c7b543c39
created 2017-07-28 10:29 +0200
pushed 2017-07-28 13:05 +0000
Sebastian Hengst Sebastian Hengst - Backed out changeset ef5feef07bed (bug 1384835)
ef5feef07bed07583c52e434dbc5e4b9a2545deb
created 2017-07-27 16:45 +1000
pushed 2017-07-28 13:05 +0000
Nicholas Nethercote Nicholas Nethercote - Bug 1384835 (part 3) - Remove the Preferences::Get*CString() variants that return nsAdoptingCString. r=froydnj.
179171cf51c10c88228c3c023454daaaf1f76d78
created 2017-07-27 12:41 -0600
pushed 2017-07-27 23:58 +0000
Jed Davis Jed Davis - Bug 1384986 - Fix PulseAudio breakage caused by read restrictions. r?gcp draft
97838e43a15a3129a803fa2964da72aaabf7f41b
created 2017-07-27 11:32 -0600
pushed 2017-07-27 23:58 +0000
Jed Davis Jed Davis - Bug 1384986 - Fix DConf breakage caused by read restrictions. r?gcp draft
167f91f87172c3fd4ca7ac8f8e1f6bd6a2bf2dc1
created 2017-07-24 16:32 +0200
pushed 2017-07-24 21:09 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1308400 - Support file process, whitelist path prefs. r=jld
5202dd1a9e218f133380a7fd4b1257d8a99f9c55
created 2017-07-21 10:45 +1000
pushed 2017-07-21 03:24 +0000
Nicholas Nethercote Nicholas Nethercote - Bug 1382099 - Remove MOZ_WIDGET_GONK from security/. r=jld.
2b325081157df7146a309b2cc30ba238738400fd
created 2017-06-30 23:12 +0200
pushed 2017-06-30 21:17 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1308400 - Support file process, whitelist path prefs. r?jld draft
6352096eb0de303cba9440092279e4254a1ec586
created 2017-06-20 19:19 +1000
pushed 2017-06-23 12:00 +0000
Nicholas Nethercote Nicholas Nethercote - Bug 1374580 (part 3) - Remove ns{,C}Substring typedefs. r=froydnj.
8b5081971170f9d7a04f15483f34d118d691fcab
created 2017-06-09 19:42 +0200
pushed 2017-06-09 18:02 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1308400 - Symlink handling for read brokering. r?jld draft
efcfc5178086c5c3b5ead9fac25b91c61129f04d
created 2017-06-09 19:40 +0200
pushed 2017-06-09 18:02 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1308400 - Exclude the repo dir in development builds. r?Alex_Gaynor draft
53d6db9aefeaddb8591ce08783fc52f23f0636dc
created 2017-06-09 19:33 +0200
pushed 2017-06-09 18:02 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1308400 - Support file process, whitelist path prefs. r?jld draft
0d5ae200e069f348555b175c339ea0f1443eec7c
created 2017-05-30 07:10 -0600
pushed 2017-06-07 22:13 +0000
Jed Davis Jed Davis - Bug 1321134 - Allow access to dconf shared-memory flags. r=gcp,glandium
d6533cdccc201b17726aa6a40cb4012d2d64f65a
created 2017-06-01 10:38 -0400
pushed 2017-06-01 14:46 +0000
Alex Gaynor Alex Gaynor - Bug 1365257 - Further consolidate the configuration of the content sandbox draft
39941ecd60960ab28f5839eb0dabae669c1ab391
created 2017-05-12 17:04 -0400
pushed 2017-06-01 12:49 +0000
Alex Gaynor Alex Gaynor - Bug 1358223 - Part 1 - On Windows and macOS hardcode the minimum content sandbox level at 1. r=bobowen,haik,jimm
8c82d1ad582f2362076dbcb06312ff4606cce8ef
created 2017-05-31 21:34 +0200
pushed 2017-05-31 21:41 +0000
Sebastian Hengst Sebastian Hengst - Backed out changeset 4e283b54baa6 (bug 1358223) for build bustage on Android at dom/ipc/ContentChild.cpp:21. r=backout
892f3f19f619261c2ecef9d3e967441951126c75
created 2017-05-30 07:10 -0600
pushed 2017-05-31 05:02 +0000
Jed Davis Jed Davis - Bug 1321134 - Allow access to dconf shared-memory flags. r?gcp draft
0bded9e36505b6984ba28195f7ece071a67774c2
created 2017-04-25 10:03 -0400
pushed 2017-05-12 14:44 +0000
Alex Gaynor Alex Gaynor - Bug 1358223 - On Windows and macOS hardcode the minimum content sandbox level at 1. draft
d36d5bdecbe5ac81830a3f54b30d1daf92b5997e
created 2017-04-25 10:03 -0400
pushed 2017-05-12 14:19 +0000
Alex Gaynor Alex Gaynor - Bug 1358223 - On Windows and macOS hardcode the minimum content sandbox level at 1. draft
7bebe77f3885451dc4605d7f16a9e1a5ef663a78
created 2017-04-25 10:03 -0400
pushed 2017-05-02 14:23 +0000
Alex Gaynor Alex Gaynor - Bug 1358223 - On Windows and macOS hardcode the minimum content sandbox level at 1. draft
4478f2e6f17145eca168e5d9e20693373ba17723
created 2017-04-25 10:03 -0400
pushed 2017-04-28 19:44 +0000
Alex Gaynor Alex Gaynor - Bug 1358223 - On Windows and macOS hardcode the minimum content sandbox level at 1. draft
41a4c78308c80e04e2f48d359866e35593db5108
created 2017-04-25 20:17 +0200
pushed 2017-04-25 18:18 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1308400 - Add a preference for whitelisting read paths. r?jld draft
8cfe59dc71ca7efa657aefa3c9c5ee7ae236441c
created 2017-04-25 20:06 +0200
pushed 2017-04-25 18:18 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1308400 - Add read blocking policy with symlink handling. r?jld draft
05d9746016f47666c00390aacc9f9d62c8ffffb4
created 2017-02-24 17:04 +0100
pushed 2017-02-25 15:06 +0000
Sylvestre Ledru Sylvestre Ledru - Move to 99 chars instead of 80 draft
cbb8fdf1daf98a15f7d57f6b08d273bdf96aa1a0
created 2017-02-24 09:55 +0100
pushed 2017-02-25 15:06 +0000
Sylvestre Ledru Sylvestre Ledru - indent all but js/ draft
058d894f8fd021a9643d0fdec89ce8e84fd458a7
created 2017-01-26 19:59 +0100
pushed 2017-01-30 11:35 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1330326 - Make sandboxing policy more configurable via preferences. r?jld draft
2633df8bf5d3969230f0627eda9c01e239f1091d
created 2017-01-27 20:59 +0100
pushed 2017-01-28 05:04 +0000
Sebastian Hengst Sebastian Hengst - Backed out changeset e87ae43ca443 (bug 1330326)
557cdfd47ad9b32d18af2204b2378e7a4e7a9e16
created 2017-01-24 11:30 +0100
pushed 2017-01-24 11:10 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1330326 - Make sandboxing policy more configurable via preferences. r?jld draft
0a9932b1f6a8f1ba2b2dc962b2d3e8d65cf9fee9
created 2017-01-23 20:08 +0100
pushed 2017-01-23 19:11 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1330326 - Add Split() function on String classes. r?froydnj draft
7fa003193448db4ed47c72d416e59d306230773e
created 2017-01-18 00:22 +0100
pushed 2017-01-17 23:25 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1330326 - Add Split() function on String classes. r?froydnj draft
c53bce434e7ebdfef59c7bcdeb9add526cffc277
created 2017-01-11 21:05 +0100
pushed 2017-01-17 23:25 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1330326 - Add whitelist for syscalls via preferences. r?jld draft
76779b56b0fd1ca4de6af3b24562307caaebea81
created 2017-01-11 16:31 +0100
pushed 2017-01-17 23:25 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1330326 - Add preferences to override sandbox write path defaults. r?jld draft
d14600685fe13aacdb164c41d247021ae7f5c2e9
created 2016-10-11 16:35 +0200
pushed 2016-11-29 16:32 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1309098 - Add ALSA devices to filesystem policy whitelist. r?glandium draft
28c0629afe65b7d9029903362d8adb894afe95d3
created 2016-11-02 20:02 +0100
pushed 2016-11-02 19:21 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1312678 - Whitelist DRI drivers in the content sandbox, for WebGL. r?jld draft
ade03098f4cbbf60cb8845884a7c51ac16cbb3e7
created 2016-10-11 16:35 +0200
pushed 2016-10-11 14:36 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1309098 - Add ALSA devices to filesystem policy whitelist. draft
9a3350560200154cecb62113b814f9878dcd2629
created 2016-10-10 20:51 +0200
pushed 2016-10-10 18:52 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1308851 - Open up devices for NVIDIA proprietary driver in the sandbox. r?jld draft
1eea69fbaaf60652439f37281ccbbb3137000b56
created 2016-10-10 19:36 +0200
pushed 2016-10-10 17:37 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1308851 - Open up devices for NVIDIA proprietary driver in the sandbox. r?jld draft
0850e667a884387889effe3a9dc2dcfb73712387
created 2016-09-29 20:30 +0200
pushed 2016-09-29 18:30 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1289718 - Clean up stat/stat64 wrapper. Deal with non-default TMPDIR. r?jld draft
a51cfa0a0c53e512ba78095ab02d815d94fb1eeb
created 2016-09-27 17:25 +0200
pushed 2016-09-27 15:26 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1289718 - Extend sandbox file broker to handle paths, support more syscalls. r?tedd r?jld draft
edd0fbcc53c97050513d87536eb1c4c47ea51579
created 2016-09-15 18:59 +0200
pushed 2016-09-19 16:02 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1289718 - Extend sandbox file broker to handle paths, support more syscalls. r?tedd r?jld draft
ba11e78f94d71358aea39de86703ffbc7d4595e2
created 2016-09-14 17:22 +0200
pushed 2016-09-14 15:39 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1289718 - Extend sandbox file broker to handle paths, support more syscalls. r?tedd r?jld draft
e73b21f1a141290b320fe302b96c3aa44aada609
created 2016-09-05 19:59 +0200
pushed 2016-09-05 18:08 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1289718 - Extend sandbox file broker to handle paths, support more syscalls. r?tedd r?jld draft
643f73fc9474e3cd1c7a86e9cb3ff570a387cda1
created 2016-08-11 15:12 +0200
pushed 2016-08-12 13:26 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - Bug 1288410 - Respect file brokering preference regardless of supportedness. r?tedd draft
4468c397a6cf2cd5d4272803a403cf2eac31f1ae
created 2016-07-27 18:06 +0200
pushed 2016-08-12 13:26 +0000
Gian-Carlo Pascutto Gian-Carlo Pascutto - WIP draft
less more (0) -60 tip