security/sandbox/linux/SandboxFilter.cpp
48431f63d84227177951f65c9c828548d9a8bbb2
created 2019-02-23 00:44 +0000
pushed 2019-03-11 13:01 +0000
Jed Davis Jed Davis - Bug 1511560 - Move the Linux sandbox broker hooks into SandboxPolicyCommon. r=gcp
56f39977c72c62e0fdff0e5f68e72d6091b221db
created 2019-02-27 15:23 +0000
pushed 2019-03-11 13:01 +0000
Jed Davis Jed Davis - Bug 1500297 - Require a broker client in ContentSandboxPolicy at level > 1. r=gcp
5f4630838d46dd81dadb13220a4af0da9e23a619
created 2019-01-18 10:16 +0100
pushed 2019-01-21 13:03 +0000
Ehsan Akhgari Ehsan Akhgari - Bug 1521000 - Part 2: Adjust our clang-format rules to include spaces after the hash for nested preprocessor directives r=sylvestre
6f3709b3878117466168c40affa7bca0b60cf75b
created 2018-11-30 11:46 +0100
pushed 2018-12-03 16:23 +0000
Sylvestre Ledru Sylvestre Ledru - Bug 1511181 - Reformat everything to the Google coding style r=ehsan a=clang-format
026130a68e7c9a54d0995a485cd941aad9a3c30c
created 2018-09-17 16:43 +0000
pushed 2018-10-15 21:07 +0000
Jed Davis Jed Davis - Bug 1489735 - Quietly deny sched_setaffinity in content process sandbox r=gcp
b54db66223586b4e04f5cb926fccdacf8a176b91
created 2018-05-30 21:15 +0200
pushed 2018-06-18 21:43 +0000
Emilio Cobos Álvarez Emilio Cobos Álvarez - Bug 1465585: Switch from mozilla::Move to std::move. r=froydnj
c74eb9a24c8b44f90d3fadaef6c48b4b4043aa61
created 2018-05-18 17:36 -0600
pushed 2018-06-18 21:43 +0000
Jed Davis Jed Davis - Bug 1462640 - Allow content processes to mincore() individual pages. r=gcp
0b8d58958178006790e77995487d947d4dfc86e6
created 2018-03-12 20:21 -0600
pushed 2018-04-26 21:04 +0000
Jed Davis Jed Davis - Bug 1445003 - Detect RenderDoc and adjust the sandbox policy so it can work. r=gcp
792ab44dd9ec02732ae1d964c1726967e05b598f
created 2018-03-09 19:31 -0700
pushed 2018-03-12 14:54 +0000
Jed Davis Jed Davis - Bug 1440206 - Allow brokered access to a subset of connect() in the Linux content sandbox. r=gcp
936b73ae6e3ce7a98e596b0422b2776db349e85d
created 2018-02-27 21:30 -0700
pushed 2018-03-02 22:13 +0000
Jed Davis Jed Davis - Bug 1438401 - Quietly fail shmget() in sandboxed content processes. r=gcp
d853ce9b3dd3e2d4ac66c6e12b6ed2425513b91a
created 2018-02-15 16:10 -0700
pushed 2018-03-01 16:46 +0000
Jed Davis Jed Davis - Bug 1438389 - Quietly disallow chown() in sandboxed content processes. r=gcp
4e2bf17f806d4451e4390dc5f6bd83daeca1b8ce
created 2018-01-29 17:36 -0700
pushed 2018-03-01 16:46 +0000
Jed Davis Jed Davis - Bug 1425274 - Filter socketpair() in content sandbox on 32-bit x86 with new-enough kernels. r=gcp
74b5e036363f6123db0a96e31355b4aa88058c28
created 2018-01-26 19:43 -0700
pushed 2018-03-01 16:46 +0000
Jed Davis Jed Davis - Bug 1376910 - Remove SysV IPC access from Linux content sandbox when possible. r=gcp
af41b725ff915e0bca46a43175fc20c8a0785b86
created 2018-01-23 22:37 -0700
pushed 2018-03-01 16:46 +0000
Jed Davis Jed Davis - Bug 1386019 - Also remove ALSA-related sandbox rules if ALSA is remoted. r=gcp
ff1469e834940ae28709a94c14ea02e0428e1cc5
created 2018-01-23 22:37 -0700
pushed 2018-03-01 16:46 +0000
Jed Davis Jed Davis - Bug 1386019 - At sandbox level 4, remove syscalls used only by PulseAudio. r=gcp
35083f8586e713ecf393435c63ed2a93bc7c5803
created 2018-01-23 22:35 -0700
pushed 2018-03-01 16:46 +0000
Jed Davis Jed Davis - Bug 1126437 - Add Linux content sandbox level 4 for blocking socket APIs. r=gcp
bb5e75c2d0c8473678517965ad6e6d0ff3c323fb
created 2018-01-23 22:35 -0700
pushed 2018-03-01 16:46 +0000
Jed Davis Jed Davis - Bug 1126437 - Reorganize content sandbox params extracted from libxul APIs. r=gcp
3b11a0bf7ae7a7fe0ed508583cf07441b68bab78
created 2017-11-20 10:47 -0700
pushed 2018-01-11 21:05 +0000
Jed Davis Jed Davis - Bug 1409895 - Deny getcwd in the Linux content process sandbox. r=gcp
e056256f34337a7d20eff986b69e4791135f10b3
created 2017-12-07 22:17 +0200
pushed 2018-01-11 21:05 +0000
Noemi Erli Noemi Erli - Backed out 2 changesets (bug 1409895) for crashes in Linux talos jobs r=backout on a CLOSED TREE
bc8fbf503fea22d3db9d44a2e79e440c6c86490a
created 2017-11-20 10:47 -0700
pushed 2018-01-11 21:05 +0000
Jed Davis Jed Davis - Bug 1409895 - Disallow getcwd in Linux content process sandbox. r=gcp
4ccd1fbb5ea660f79c573f5b95d15188de3b8a94
created 2017-10-31 18:12 -0600
pushed 2017-11-07 22:38 +0000
Jed Davis Jed Davis - Bug 1413312 - Fix media plugin sandbox policy for sched_get_priority_{min,max}. r=gcp
67cb7ca658a7a2e9a4aaebb0801a3f93c50deba7
created 2017-10-30 19:45 -0600
pushed 2017-11-07 22:38 +0000
Jed Davis Jed Davis - Bug 1412464 - Change sandboxing inotify denial from seccomp-bpf to symbol interception. r=gcp
eeb1aae7683bac5303976c8ebd425f632ecb0b9b
created 2017-10-27 19:51 -0600
pushed 2017-11-07 22:38 +0000
Jed Davis Jed Davis - Bug 1412480 - Statically check for overly large syscall arguments. r=gcp
48b83b14ff3d1c47481980b5ec0b091d26d3d4c9
created 2017-10-27 20:51 -0600
pushed 2017-11-07 22:38 +0000
Jed Davis Jed Davis - Bug 1412480 - Fix syscall argument types in seccomp-bpf sandbox traps. r=gcp
d1e920ac2d7c1f6c03face443dc839bb26ad6f17
created 2017-10-27 18:05 -0600
pushed 2017-11-02 16:33 +0000
Jed Davis Jed Davis - Bug 1411115 - Allow F_SETLK fcntl in sandboxed content processes. r=gcp
862de4b756405c181a1db886a16a603ffe2f20df
created 2017-10-27 19:32 -0600
pushed 2017-11-02 16:33 +0000
Jed Davis Jed Davis - Bug 1409900 - Handle sandboxed statfs() by replacing it with open+fstatfs. r=gcp
9f9c7289c55b64d0faba947f16162e178eab1a19
created 2017-10-25 12:43 -0600
pushed 2017-11-02 16:33 +0000
Jed Davis Jed Davis - Bug 1409900 - Disallow quotactl in sandboxed content processes. r=gcp
ae49d4a5762264ded3aae4006baddc2203b79b94
created 2017-10-27 16:15 +0300
pushed 2017-11-02 16:33 +0000
Attila Craciun Attila Craciun - Backed out 2 changesets (bug 1409900) for failing browser chrome on Linux opt at browser/base/content/test/general/browser_bug590206.js r=backout a=backout.
4381412e49e32985fa68868c30134fa70102e8a4
created 2017-10-25 13:35 -0600
pushed 2017-11-02 16:33 +0000
Jed Davis Jed Davis - Bug 1408497 - Disallow inotify in sandboxed content processes. r=gcp
83296a355dd49b2822a52b08d0df89e029ea56bc
created 2017-10-25 13:08 -0600
pushed 2017-11-02 16:33 +0000
Jed Davis Jed Davis - Bug 1409900 - Handle sandboxed statfs() by replacing it with open+fstatfs. r=gcp
less more (0) -100 -50 -30 tip