Recent (since 91) regressions in Firefox

To: pkgsrc-users%NetBSD.org@localhost
Subject: Recent (since 91) regressions in Firefox
From: nia <nia%NetBSD.org@localhost>
Date: Tue, 19 Jul 2022 07:28:52 +0000

At some point, PaX MPROTECT safety was lost. This is very upsetting,
since it's a significant security downgrade, and I worked hard on making
it work:

# For RLBox WASM sandbox. Sync condition with mozilla-common.mk
.if ${MACHINE_ARCH} == "x86_64" || ${MACHINE_ARCH} == "i386" 
NOT_PAX_MPROTECT_SAFE+= lib/${PKGBASE}/firefox
NOT_PAX_MPROTECT_SAFE+= lib/${PKGBASE}/firefox-bin
.endif

The commit message says "Enable RLBox WebAssembly sandboxing for i386 and
x86_64 architectures.", and does not explain why it was necessary to
disable MPROTECT. I would have liked discussion to occur first.
Nevertheless I will investigate the mprotect calls and see if it
is possible to re-enable MPROTECCT for Firefox.

The second issue is that webrtc is now disabled on ARM. This is
again a sad thing to happen in and increasingly online-meetings world.
I have less ability to test this due to lacking an ARM development
machine currently.

Follow-Ups:
- Re: Recent (since 91) regressions in Firefox
  - From: nia

Prev by Date: Joyent package repo migrated to MNX
Next by Date: Update net/gst-rtsp-server to 1.19.2
Previous by Thread: Joyent package repo migrated to MNX
Next by Thread: Re: Recent (since 91) regressions in Firefox
Indexes:

Home | Main Index | Thread Index | Old Index