88
edits
Security/Mentorships/MWoS/2014/B2G-IPC-Audit: Difference between revisions
Security/Mentorships/MWoS/2014/B2G-IPC-Audit (view source)
Revision as of 01:44, 22 August 2014
, 22 August 2014→Success Criteria
| Line 25: | Line 25: | ||
=== Scope === | === Scope === | ||
This audit is concerned with software bugs in the FirefoxOS code that allow an attacker to compromise a privileged process and escape from the sandbox. Specifically we are concerned with those triggerable in the IPC mechanisms between a child app and the master 'b2g' process however I'm sure we'll find some extras along the way :) | This audit is concerned with software bugs in the FirefoxOS code that allow an attacker to compromise a privileged process and escape from the sandbox. Specifically we are concerned with those triggerable in the IPC mechanisms between a child app and the master 'b2g' process however I'm sure we'll find some extras along the way :) | ||
== Firefox OS Sandbox Review == | == Firefox OS Sandbox Review == | ||