== Security and Privacy ==
* What security issues do you address in your project?
The blocklist itself is a way to mitigate security issues in third-party add-ons to the application.
The blocklist itself is downloaded over HTTPS. The service is implemented in JavaScript, so it should not suffer from memory-related bugs. Once blocked, the add-ons are no longer meant to be loaded at all.
** Need to verify how the blocklist service behaves with bad SSL certs
** There is a problem with plugins on non-Windows OS where the shared library must be loaded into memory to query the plugin metadata that will tell us if the plugin should be blocked or not.
* Is system or subsystem security compromised in any way if your project's configuration files / prefs are corrupt or missing?
The application ships with a default blocklist file; however, the absence of any blocklist file would not cause any problems. Any preferences have values set in the application defaults.
* Include a thorough description of the security assumptions, capabilities and any potential risks (possible attack points) being introduced by your project.
** I believe it may be possible for webpages to detect whether plugins have been blocklisted or disabled using a similar method to the history detection trick. I'm not sure whether this constitutes a real risk at all.
* How are transitions in/out of Private Browsing mode handled?
The blocklist is not watching for transitions to and from private browsing mode. While the service does download a new blocklist once a day, I don't believe we should not do that when in private browsing mode. It does not reveal anything about what the user was doing at the time.
== Exported APIs ==