author Jed Davis <jld@mozilla.com>
Wed, 27 Feb 2019 20:14:54 +0000
changeset 519405 493b443954fe15f7b542ba14671f25e5f8531dff
parent 97673 838fb33405ba7f8804a76528aa956b913068015c
permissions -rw-r--r--
Bug 1506291 - Add Linux sandboxing for the RDD (media decoder) process. r=gcp,mjf,flod

The seccomp-bpf policy is currently just the "common" policy with no additions (but with the fixes in bug 1511560 to enable shared memory creation). The file broker policy allows shared memory creation and nothing else. The namespace setup is the same as for GMP (i.e., as restrictive as we currently can be).

The sandbox can be turned off for troubleshooting by setting the environment variable MOZ_DISABLE_RDD_SANDBOX, similarly to the other process types.

Tested against https://demo.bitmovin.com/public/firefox/av1/ with the necessary prefs set.

Depends on D20895

Differential Revision: https://phabricator.services.mozilla.com/D14525

<!DOCTYPE html>
<html>
  <head>
    <style>
      :-moz-read-write + span {
        display: none;
      }
      span {
        color: transparent; /* workaround for bug 617524 */
        outline: 1px solid green;
      }
    </style>
  </head>
  <body>
    <input><span>hide me</span>
    <input readonly><span>hide me</span>
    <input type=password><span>hide me</span>
    <input type=password readonly><span>hide me</span>
    <input type=email><span>hide me</span>
    <input type=email readonly><span>hide me</span>
    <textarea></textarea><span>hide me</span>
    <textarea readonly></textarea><span>hide me</span>
  </body>
</html>