CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2018/05/11 14:00:57
Modified files:
www/mozilla-firefox: Makefile distinfo
www/mozilla-firefox/files: all-openbsd.js
www/mozilla-firefox/patches:
patch-security_manager_pki_resources_content_exceptionDialog_js
patch-storage_mozStorageConnection_cpp
www/mozilla-firefox/pkg: PLIST
www/firefox-i18n: Makefile.inc distinfo
Added files:
www/mozilla-firefox/patches: patch-dom_ipc_ContentChild_cpp
patch-gfx_thebes_gfxFcPlatformFontList_cpp
patch-gfx_thebes_gfxFcPlatformFontList_h
patch-mozglue_misc_TimeStamp_posix_cpp
patch-toolkit_xre_nsAppRunner_cpp
patch-widget_nsShmImage_cpp
patch-xpcom_base_nsDebugImpl_cpp
patch-xpcom_base_nsMemoryReporterManager_cpp
Log message:
Update to firefox 60.
See https://www.mozilla.org/en-US/firefox/60.0/releasenotes/
Fixes https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/
- Add initial/wip pledge() support, with distinct subsets for main &
content processes. The promises are runtime-configurable for now via
about:config knobs to ease debugging/testing. They're printed on stderr
when applied by the sandboxing codepaths (cf
patch-toolkit_xre_nsAppRunner_cpp and patch-dom_ipc_ContentChild_cpp).
- Add a bunch of patches (patch-widget_nsShmImage_cpp,
patch-xpcom_base_nsDebugImpl_cpp, patch-mozglue_misc_TimeStamp_posix_cpp and
patch-xpcom_base_nsMemoryReporterManager_cpp) to neuter non-critical
codepaths that call pledge-forbidden syscalls.
- All this pledge() stuff being currently discussed upstream in
https://bugzilla.mozilla.org/show_bug.cgi?id=1457092 and done at p2k18.
Been running with it since then, and I'm fairly confident the pledge
subsets I come up with are now enough for most usages.
If you encounter crashes due to pledge, look into your kernel log, and
try to figure out what missing pledge is needed or what firefox codepath
hits it.
So far I know 'getpw' might be needed when uploading files but I haven't
hit it, and 'proc' might be needed by the content process when there's
no dbus daemon running, but they're not needed in the 'common case', and
too broad.
- While here, tweak defaults to disable the pocket extension, and try to
disable the activity-stream/sponsored content that is being shown by
default on the new tab page in new profiles. Stop the madness, plz.
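
Added example (not part of the commit or the port): a small triage helper for the kernel-log check the log message recommends, tallying which promise each process was missing when it was killed. It assumes violation lines of the form `comm[pid]: pledge "promise", syscall N`; the function names and all sample lines, including the hostname, PIDs and syscall numbers, are constructed.

```shell
#!/bin/sh
# Summarise pledge violations from kernel log text read on stdin.
# Assumed line format (not taken from the commit):
#   comm[pid]: pledge "promise", syscall N
# Output: one line per (process, missing promise, syscall) with a hit count.
pledge_summary() {
    awk '
    /\[[0-9]+\]: pledge "/ {
        # Process name: last word before "[pid]:", so a syslog prefix is ignored.
        head = $0; sub(/\[[0-9]+\]: pledge ".*/, "", head)
        n = split(head, w, " "); comm = w[n]
        # Missing promise: the text between the quotes after "pledge".
        prom = $0; sub(/^.*\]: pledge "/, "", prom); sub(/".*$/, "", prom)
        if (prom == "") prom = "(none)"   # no promise name reported
        # Syscall number that tripped the check.
        sc = $0; sub(/^.*", syscall /, "", sc); sub(/[^0-9].*$/, "", sc)
        hits[comm " " prom " " sc]++
    }
    END { for (k in hits) print k, hits[k] }
    ' | LC_ALL=C sort
}

# Constructed sample input: dmesg-style and syslog-style lines plus noise.
sample_log() {
    cat <<'EOF'
firefox[41234]: pledge "proc", syscall 2
May 11 14:02:11 host /bsd: firefox[50001]: pledge "proc", syscall 2
firefox[41234]: pledge "getpw", syscall 5
firefox[41234]: pledge "", syscall 289
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
EOF
}

sample_log | pledge_summary
```

On a live system the same function can read `dmesg` output instead of the sample; a promise that shows up repeatedly is the one to compare against the about:config knobs mentioned above.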