WebAPI/Security/TCPSocket: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
No edit summary
Line 13: Line 13:
Threat severity: High
Threat severity: High


== Regular web content (unauthenticated) ==
=== Permissions Table===
Use cases for unauthenticated code: None


Authorization model for normal content: None
{| border="1" class="wikitable"
 
! Type
Authorization model for installed content: None
! Use Cases
 
! Authorization Model
Potential mitigations:N/A
! Notes & Other Controls
 
|-
== Privileged (approved by app store) ==
| Web Content || None|| No access
Use cases: Talk to non-HTTP services.  SSH, FTP, mail clients, supporting custom protocols
|-
 
| Installed Web Apps || None || No access
Authorization model: Implicit
|-
 
| Privileged Web Apps || Talk to non-HTTP services.  SSH, FTP, mail clients, supporting custom protocols || Implicit||
Potential mitigations:
*Firewall should prohibit access to privileged low number OS ports (<1024).
*Firewall should prohibit access to privileged low number OS ports (<1024).
*Listening on a port < 1024 should be prohibited.
*Listening on a port < 1024 should be prohibited.
*Specify hosts/ports in the manifest, permissions granted implicitly. user can modify permissions?
*Specify hosts/ports in the manifest, permissions granted implicitly.
 
|-
== Certified (system-critical apps) ==
| Certified Web Apps || Open a connection to any domain/port || Implicit || specify hosts/ports in the manifest, permissions granted implicitly and not able to be revoked (unless device is in developer mode)
Use cases: Open a connection to any domain/port
|}
 
Authorization model: Implicit
 
Potential mitigations: specify hosts/ports in the manifest, permissions granted implicitly and not able to be revoked (unless device is in developer mode)

Revision as of 12:15, 24 September 2012

Name of API: Socket API

Reference

Brief purpose of API: Grant full access to raw sockets to allow applications such as SMTP clients etc

General Use Cases: None

Inherent threats: Malicious apps attacking internal systems (firewall bypass), local device access

Threat severity: High

Permissions Table

Type Use Cases Authorization Model Notes & Other Controls
Web Content None No access
Installed Web Apps None No access
Privileged Web Apps Talk to non-HTTP services. SSH, FTP, mail clients, supporting custom protocols Implicit
  • Firewall should prohibit access to privileged low number OS ports (<1024).
  • Listening on a port < 1024 should be prohibited.
  • Specify hosts/ports in the manifest, permissions granted implicitly.
Certified Web Apps Open a connection to any domain/port Implicit specify hosts/ports in the manifest, permissions granted implicitly and not able to be revoked (unless device is in developer mode)
Retrieved from "https://wiki.allizom.org/index.php?title=WebAPI/Security/TCPSocket&oldid=472971"