Security/Download Protection: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
(→‎Telemetry: Mention the telemetry alert list)
(→‎Prefs: remove old Fx 45 pref)
Line 10: Line 10:
* <tt>browser.safebrowsing.downloads.remote.enabled</tt>: enables remote lookups (requires the previous pref)
* <tt>browser.safebrowsing.downloads.remote.enabled</tt>: enables remote lookups (requires the previous pref)
* <tt>browser.safebrowsing.downloads.remote.timeout_ms</tt>: timeout for the remote lookups
* <tt>browser.safebrowsing.downloads.remote.timeout_ms</tt>: timeout for the remote lookups
* <tt>browser.safebrowsing.downloads.remote.url</tt>: server endpoint for remote lookups
* <tt>browser.safebrowsing.malware.enabled</tt>: enables malware checks (required by application reputation)
* <tt>browser.safebrowsing.malware.enabled</tt>: enables malware checks (required by application reputation)
* <tt>browser.safebrowsing.provider.google.lists</tt>: list of tables coming from the Google Safe Browsing service
* <tt>browser.safebrowsing.provider.google.lists</tt>: list of tables coming from the Google Safe Browsing service
* <tt>urlclassifier.downloadAllowTable</tt>: list of trusted certificates which suppress remote lookups (Windows-only)
* <tt>urlclassifier.downloadAllowTable</tt>: list of trusted certificates which suppress remote lookups (Windows-only)
* <tt>urlclassifier.downloadBlockTable</tt>: list of URLs serving malware binaries
* <tt>urlclassifier.downloadBlockTable</tt>: list of URLs serving malware binaries
Firefox 45 and earlier:
* <tt>browser.safebrowsing.appRepURL</tt>: server endpoint for remote lookups
Firefox 46 and later:
* <tt>browser.safebrowsing.downloads.remote.url</tt>: server endpoint for remote lookups


== Engineering ==
== Engineering ==

Revision as of 22:09, 7 April 2017

Description

This feature protects users against malware downloads. It is based on Safe Browsing.

See Security/Features/Application_Reputation_Design_Doc for implementation details.

Prefs

  • browser.safebrowsing.downloads.enabled: enables application reputation checks for downloaded files
  • browser.safebrowsing.downloads.remote.enabled: enables remote lookups (requires the previous pref)
  • browser.safebrowsing.downloads.remote.timeout_ms: timeout for the remote lookups
  • browser.safebrowsing.downloads.remote.url: server endpoint for remote lookups
  • browser.safebrowsing.malware.enabled: enables malware checks (required by application reputation)
  • browser.safebrowsing.provider.google.lists: list of tables coming from the Google Safe Browsing service
  • urlclassifier.downloadAllowTable: list of trusted certificates which suppress remote lookups (Windows-only)
  • urlclassifier.downloadBlockTable: list of URLs serving malware binaries

Engineering

Product/Component: Toolkit/Safe Browsing

Most of the code lives in toolkit/components/downloads/ApplicationReputation.cpp.

Upstream list of file extensions:

QA

To turn on debugging output, export the following environment variable:

MOZ_LOG_FILE=/tmp/apprep.log
MOZ_LOG="ApplicationReputation:5"

Telemetry

Alerts are sent to safebrowsing-telemetry@mozilla.org.

Documentation