B2G App Security Model/Threat Model: Difference between revisions

Jump to navigation Jump to search

B2G App Security Model/Threat Model (view source)

Revision as of 00:50, 23 March 2012

2 bytes added ,  23 March 2012
m
→‎Potential Countermeasures
Line 95: Line 95:
** Prevent loading of remote scripts for critical apps
** Prevent loading of remote scripts for critical apps
** Prevent loading of remote content
** Prevent loading of remote content
** I.e. enforce a CSP policy on critical Web Apps (''note however: [[Apps/Security#The_Problem_With_Using_SSL]])
** I.e. enforce a CSP policy on critical Web Apps (''note however: [[Apps/Security#The_Problem_With_Using_SSL]]'')
* Subdivision of applications using UNIX "spawn" techniques (fork followed by exec)
* Subdivision of applications using UNIX "spawn" techniques (fork followed by exec)
** "spawn" is the only safe way to completely isolate applications from compromise
** "spawn" is the only safe way to completely isolate applications from compromise
Lkcl
177

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/410907"

Navigation menu