Hi all,

Security Engineering has started a project to harden Firefox against attack in 
a post-sandboxed world. It’s early days yet for sandboxing, but conscious of 
the work required, I wanted to raise sandboxing as a topic for discussion, and 
request input towards developing a sandbox security model.

The goal of the hardening project is to make Firefox resilient, even when a 
content process is compromised. Having a restrictive sandbox is not an 
effective security control, if a weak security model or IPC implementation 
flaws lead to privilege escalation. To this end, several efforts are underway:
- Auditing and Testing IPC mechanisms, including:
        - Improving fuzzers to focus on IPC bugs (1320851)
        -  Auditing IPC mechanisms (IPDL 1041862, MessageManager 1040184)
- Reviewing Firefox components to with respect to sandbox controls

In this latter task, I’ve started documenting the sandbox security model at [1] 
& [2].  [2] is very much a work in progress however. I’ve contacted some groups 
directly, but would appreciate any input here. Please seek me out via email, at 
the all hands (Firefox homeroom) and/or attend the combined session we are 
running with the Platform Integration team on Friday 1pm [3].


[1] https://wiki.mozilla.org/Security/Sandbox/Process_model 
[2] https://wiki.mozilla.org/Security/Sandbox/Hardening 
<https://wiki.mozilla.org/Security/Sandbox/Hardening>   WIP, please help!
[3] https://hawaiiallhands2016.sched.org/event/930G/securing-the-sandbox 
dev-platform mailing list

Reply via email to