Security/Reviews/B2G: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
Line 1: Line 1:
==B2G Reviews==
==B2G Reviews==
{{ForceRefreshButton}}
<table class="querytable sortable">
<tr>
<td class="header">Component</td>
<td class="header">Project Page</td>
<td class="header">Next Milestone</td>
<td class="header">Security Resource</td>
<td class="header">Status</td>
<td class="header">Beta Launch?</td>
<td class="header">Data Flow Diagram</td>
<td class="header">Threat Model</td>
<td class="header">Bugs</td>
<td class="header">Security Review</td>
<td class="header">Final Approval</td>
</tr>
{{#ask: [[Category:B2G]]
| ?#
| ?Component#
| ?Project#
| ?Milestone#
| ?Resource#
| ?Sectrackerstatus#
| ?Simpyn#
| ?DFD#
| ?TM#
| ?bugs#
| ?Secreveiw#
| ?SecTrackerFSA#
| mainlabel=-
| format=template
| template=SecTrackerList
}}
</table>


The list below outlines the core areas of B2G which need security review.
There are also a number of bugs which block Web API but are not APIs on their own. These may need review in the future https://bugzilla.mozilla.org/showdependencytree.cgi?id=673923


Created from:
{|
* B2G Bugs [[https://bugzilla.mozilla.org/showdependencytree.cgi?id=715782&hide_resolved=1]]
 
* B2G Schedule: [[https://wiki.mozilla.org/B2G/Schedule_Roadmap]]
|}




Revision as of 05:11, 4 April 2012

B2G Reviews

Force Page Refresh
{{#ask: | ?# | ?Component# | ?Project# | ?Milestone# | ?Resource# | ?Sectrackerstatus# | ?Simpyn# | ?DFD# | ?TM# | ?bugs# | ?Secreveiw# | ?SecTrackerFSA# | mainlabel=- | format=template | template=SecTrackerList }}
Component Project Page Next Milestone Security Resource Status Beta Launch? Data Flow Diagram Threat Model Bugs Security Review Final Approval

There are also a number of bugs which block Web API but are not APIs on their own. These may need review in the future https://bugzilla.mozilla.org/showdependencytree.cgi?id=673923


Permissions Model & Management

  • Summary: Permissions Management in B2G. Everything to grant, read, revoke and manage app permissions for B2G apps. Priority since most other APIs depend on this.
  • Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=707625
  • Permission DB (currently being designed)

Web Contacts

B2G Telephony

SMS

Browser


Network Connectivity

App Management

Installation and management of Web Apps (Open Web Apps for B2G)

Bug (app cache): https://bugzilla.mozilla.org/show_bug.cgi?id=702369

Web Bluetooth

Summary: Bluetooth API for B2G https://bugzilla.mozilla.org/show_bug.cgi?id=727618

Settings API

Summary: API for managing the B2G phone settings Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=678695

Updater

Summary: Gaia and Gecko update mechanisms for B2G

Gaia Apps

All of the following apps will need at least a cursory review

  • Critical to review
    • Settings
    • Marketplace
    • Dialer
    • SMS
  • Non-critical to review
    • Camera
    • Photo Gallery
    • Video player
    • Music player
    • Email
    • Calendar
    • Clock
    • Calculator
    • Notepad
    • Maps
Retrieved from "https://wiki.allizom.org/index.php?title=Security/Reviews/B2G&oldid=416071"