Opened 2 years ago

Closed 15 months ago

#23659 closed task (fixed)

Clean-up content sandboxing code for Tor Browser on Windows

Reported by: gk Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: tbb-security, ff60-esr-will-have
Cc: tom Actual Points:
Parent ID: #23658 Points:
Reviewer: Sponsor:

Description

Jacek wrote back then a PoC to get the Tor Browser content sandbox compiled for Windows. We should go thoroughly over the that code and clean it up.

We already shipped two fix up patches to the original patch:

https://gitweb.torproject.org/tor-browser.git/commit/?h=tor-browser-52.3.0esr-7.5-2&id=2354d122644d82df54d655ece5b42bdfa4cf38f8
https://gitweb.torproject.org/tor-browser.git/commit/?h=tor-browser-52.4.0esr-7.5-1&id=0a9793458e9ddd5c7742d3ceb250125c52e8bf86

Child Tickets

Change History (8)

comment:1 Changed 2 years ago by gk

See: comment:63:ticket:16010 for one of the things we might want to make more clear.

comment:2 Changed 2 years ago by gk

And see comment:64:ticket:16010, too.

comment:3 Changed 2 years ago by cypherpunks

comment:4 Changed 2 years ago by tom

Cc: tom added

comment:5 Changed 2 years ago by cypherpunks

  1. For security/sandbox/chromium/sandbox/win/src/sidestep_resolver.cc: do we know what the implications are for the FIXME (making SmartSidestepResolverThunk::SmartStub() a NOOP)?

I trust bobowen when he says this one does not get used right now

Could you add an assertion to https://dxr.mozilla.org/mozilla-esr52/source/security/sandbox/chromium/sandbox/win/src/interception_agent.cc#226 to be sure?

comment:6 Changed 16 months ago by gk

Keywords: ff60esr-will-have added

comment:7 Changed 16 months ago by gk

Keywords: ff60-esr-will-have added; ff60esr-will-have removed

comment:8 Changed 15 months ago by gk

Resolution: fixed
Status: newclosed

tjr cleaned most of it up and we got essentially everything landed on mozilla-central. Thus, WORKSFORME.

Note: See TracTickets for help on using tickets.