88
edits
Security/Mentorships/MWoS/2014/B2G-IPC-Audit: Difference between revisions
Security/Mentorships/MWoS/2014/B2G-IPC-Audit (view source)
Revision as of 01:46, 22 August 2014
, 22 August 2014→Scope
(→Scope) |
(→Scope) |
||
| Line 24: | Line 24: | ||
=== Scope === | === Scope === | ||
This audit is concerned with software bugs in the FirefoxOS code that allow an attacker to compromise a privileged process and escape from the sandbox. | This audit is concerned with software bugs in the FirefoxOS code that allow an attacker to compromise a privileged process and escape from the sandbox. <br /> | ||
Specifically we are concerned with those triggerable in the IPC mechanisms between a child app and the master 'b2g' process however I'm sure we'll find some extras along the way :) | Specifically we are concerned with those triggerable in the IPC mechanisms between a child app and the master 'b2g' process however I'm sure we'll find some extras along the way :) | ||