Security/Reviews/Gaia/Camera: Difference between revisions

← Older edit

Security/Reviews/Gaia/Camera (view source)

Revision as of 02:32, 24 June 2013

2,271 bytes added , 24 June 2013

no edit summary

Ptheriault

canmove, Confirmed users

1,220

edits

@@ Line 1: / Line 1: @@
 === App Review Details ===
-* App:
+* App: Gaia Camera App
-* Review Date:
+* Review Date: 23 Jun 2013
-* Review Lead:
+* Review Lead: Paul Theriault
 === Overview ===
+Camera takes photos and video using the certified-only Camera Control API (https://developer.mozilla.org/en-US/docs/Web/API/CameraControl)
+This API is only available tot he camera app for security reasons. The camera app however does handle certain web activities so that other apps can take pictures  and video.
 ===Architecture===
@@ Line 14: / Line 15: @@
 ====Relevant Source Code====
+The camera app consists of 2 javascript files:
+https://github.com/mozilla-b2g/gaia/blob/master/apps/camera/js/camera.js
+https://github.com/mozilla-b2g/gaia/blob/master/apps/camera/js/filmstrip.js
+====Permissions====
+ "permissions": {
+    "storage":{},
+    "device-storage:pictures":{ "access": "readwrite" },
+    "device-storage:videos":{ "access": "readwrite" },
+    "settings":{ "access": "readonly" },
+    "camera":{},
+    "geolocation":{},
+    "audio-channel-notification":{}
+  },
+====Web Activity Handlers ====
+Supports 2 activities: record (photo & video) & pick (images video)
+Record starts the camera in either photo or video mode.
+Pick returns an image to the calling page.
+"activities": {
+    "record": {
+      "filters": {
+        "type": ["photos", "videos"]
+       },
+      "disposition": "window"
+    },
+    "pick": {
+      "filters": {
+        "type": ["image/*", "image/jpeg"]
+       },
+      "returnValue": true,
+      "disposition": "inline",
+      "href": "/index.html#pick"
+    }
+  },
-====Permissions====
-====Web Activity Handlers ====
 ====Web Activity Usage ====
+Use mozactivity to launch the gallery. No security implications.
+filmstrip launches a share activity. Again doesn't do anything with return value, so no security implications.
 ==== Notable Event Handlers ====
+No issues identified.
+===Code Review Notes===
+Limited inputs apart from web activity usage discussed above.
-===Code Review Notes===
 ====1. XSS & HTML Injection attacks====
+Not really any inputs so no risk here.
 ====2. Secure Communications ====
+Doesn't do any communication
 ====3. Secure data storage ====
+No applicable.
 ====4. Denial of Service ====
+#Use all disk space with a recording?
+*No way for another app to start recording.
+#Starting camera to waste battery?
+*Web activity could be used to start camera, which would consume a lot of bandwidth. Not really any different to other resource usage (e.g. deliberately chewing cpu etc)
+* DoS the camera by repeated recordings
 ====5. Use of Privileged APIs ====
+Settings access readonly, just used for shutter noise.
 ====6. Interfaces with other Apps/Content====
+Device storage is only interface apart from web activities.
 === Security Risks & Mitigating Controls ===
+Video indicator is broken - turns on but doesn't turn off.
 === Actions & Recommendations ===
+Recording indicator shows that camera is enabled, but not which camera, or how to turn it off.  (known issues 828600)
 [[Category:SecReview]]