Security/Reviews/FxOSGecko/Template


Overview

FirefoxOS Review Details

  • API: XXXXX API
  • Review Date: October 2013
  • Review Lead: L.E. Taccor

Context

  • Why are we doing a review?
  • Has it been reviewed before?
  • Are there any special risks or concerns?

Scope

  • What parts of Gaia, Gecko and/or Gonk are we looking at?

The following system components were reviewed:

  • Gaia

Configuration of Wifi via the settings (and other Apps)

  • Gaia
    • Foo app
    • Web Activities provided by Bar app
  • Gecko
    • mozXXX interface
    • Gecko Permissions
    • Messaging (messages, system messages)
    • Interface to XYZ service on IPC socket (JSON-based communication protocol)
  • Gonk
    • XYZ Service

The following items were deemed lower risk and not reviewed:

  • Communication between XYZ and hardware
  • etc etc

Components

See Web NFC review for example

Relevant Source Code

Permission Model

  • Paste from PermissionsTable.jsm (see below)
  • Discuss anything special like access
  • Discuss where permissions are enforced (on access to the object, on IPC messages, at each function call, etc.)

 "wifi-manage": {
   app: DENY_ACTION,
   privileged: DENY_ACTION,
   certified: ALLOW_ACTION
 },

Review Notes

1. Content/Chrome Segregation

2. Process Segregation

3. Data validation & Sanitization

4. Denial of Service

Security Risks & Mitigating Controls

Actions & Recommendations

  • List of recommendations, and corresponding bug numbers
  • For sensitive bugs, just put the bug number (or perhaps omit it entirely if it is really dangerous and obvious)