WebAPI/Security/TCPSocket: Difference between revisions

Jump to navigation Jump to search

WebAPI/Security/TCPSocket (view source)

Revision as of 21:51, 6 August 2012

5 bytes added ,  6 August 2012
no edit summary
No edit summary
No edit summary
Line 1: Line 1:
Name of API: Socket API
Name of API: Socket API
Reference: https://bugzilla.mozilla.org/show_bug.cgi?id=733573


Brief purpose of API: Grant full access to raw sockets to allow applications such as SMTP clients etc <br>
Reference
*https://bugzilla.mozilla.org/show_bug.cgi?id=733573
*Security discussion: https://groups.google.com/d/topic/mozilla.dev.webapps/Asm37KDoVB4/discussion
 
Brief purpose of API: Grant full access to raw sockets to allow applications such as SMTP clients etc
 
General Use Cases: None
General Use Cases: None


Inherent threats:Malicious apps attacking internal systems (firewall bypass), local device access
Inherent threats: Malicious apps attacking internal systems (firewall bypass), local device access


Threat severity: High
Threat severity: High


== Regular web content (unauthenticated) ==
== Regular web content (unauthenticated) ==
*Use cases for unauthenticated code:None
Use cases for unauthenticated code: None
*Authorization model for normal content:None
 
*Authorization model for installed content: None
Authorization model for normal content: None
*Potential mitigations:N/A
 
Authorization model for installed content: None
 
Potential mitigations:N/A
 
== Privileged (approved by app store) ==
Use cases: Talk to non-HTTP services.  SSH, FTP, mail clients, supporting custom protocols
 
Authorization model: Implicit


== Trusted (authenticated by publisher) ==
Potential mitigations:
*Use cases for authenticated code: Talk to non-HTTP services.  SSH, FTP, mail clients, supporting custom protocols
*Firewall should prohibit access to privileged low number OS ports (<1024).
*Use cases for trusted code: Implicit
*Listening on a port < 1024 should be prohibited.
*Potential mitigations: Firewall should prohibit access to privileged low number OS ports (<1024). Listening on a port < 1024 should be prohibited.
*Specify hosts/ports in the manifest, permissions granted implicitly. user can modify permissions?
*Specify hosts/ports in the manifest, permissions granted implicitly. user can modify permissions? User prompted on first run?  


== Certified (vouched for by trusted 3rd party) ==
== Certified (system-critical apps) ==
*Use cases for certified code:  Open a connection to any domain/port
*Use cases:  Open a connection to any domain/port
*Authorization model: Implicit
*Authorization model: Implicit
*Potential mitigations: specify hosts/ports in the manifest, permissions granted implicitly and not able to be revoked (unless device is in developer mode)
*Potential mitigations: specify hosts/ports in the manifest, permissions granted implicitly and not able to be revoked (unless device is in developer mode)
Ladamski
Confirmed users
717

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/458313"

Navigation menu