Security/Reviews/Gaia/Dialer

Revision as of 16:01, 25 February 2013 by St3fan

App Review Details

WORK IN PROGRESS

Overview

Architecture

Components

Relevant Source Code

Source code can be found at https://github.com/mozilla-b2g/gaia/tree/v1-train/apps/communications/dialer

Application code:

  • dialer/index.html
  • dialer/oncall.html
  • dialer/ussd.html
  • dialer/js/keypad.js
  • dialer/js/dialer.js

Shared code:

  • shared/js/mouse_event_shim.js
  • shared/js/async_storage.js
  • shared/js/l10n.js
  • shared/js/l10n_date.js
  • shared/js/mobile_operator.js
  • shared/js/notification_helper.js
  • shared/js/simple_phone_matcher.js
  • shared/js/settings_listener.js
  • contacts/js/confirm_dialog.js
  • contacts/js/fb/fb_data.js
  • contacts/js/fb/fb_contact_utils.js
  • dialer/js/contacts.js
  • dialer/js/recents.js
  • dialer/js/telephony_helper.js
  • dialer/js/ussd.js

Permissions

   "telephony":{},
   "voicemail":{},
   "contacts":{ "access": "readwrite" },
   "mobileconnection":{},
   "attention":{},
   "settings":{ "access": "readwrite" },
   "desktop-notification":{},
   "alarms": {},
   "systemXHR": {},
   "wifi-manage":{},
   "time": {},
   "audio-channel-telephony":{},
   "audio-channel-ringer":{},
   "browser":{}

Web Activity Handlers

   "dial": {
     "filters": {
       "type": "webtelephony/number"
     },
     "href": "/dialer/index.html#keyboard-view",
     "disposition": "window"
   }

System Messages

   "messages": [
     { "alarm": "/facebook/fb_sync.html" },
     { "bluetooth-dialer-command": "/dialer/index.html#keyboard-view" },
     { "headset-button": "/dialer/index.html#keyboard-view" },
     { "notification": "/dialer/index.html#keyboard-view" },
     { "telephony-new-call": "/dialer/index.html#keyboard-view" },
     { "ussd-received": "/dialer/index.html#keyboard-view" }
   ]

Web Activity Usage

Notable Event Handlers

Code Review Notes

1. XSS & HTML Injection attacks

2. Secure Communications

3. (Secure) data storage

4. Denial of Service

5. Use of Privileged APIs

6. Interfaces with other Apps/Content

7. Oddities

Security Risks & Mitigating Controls

Actions & Recommendations

The application has unnecessary read/write access to all system settings, even though it only needs locale information. This is a limitation of the Settings API that should be improved in a future version of Firefox OS:

  • bug 841071 Settings are globally shared between applications
  • bug 841196 Applications should stop using settings permission to just get locale info
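The following is an added example, not part of the Gaia dialer or its review tooling: a small manifest audit that reproduces the reasoning behind the recommendation above. It reads the permissions block quoted on this page and flags grants that exceed a reviewer-defined least-access policy (the policy table and access ranking are assumptions, not Firefox OS rules).

```javascript
// Audit a Firefox OS manifest.webapp "permissions" block for over-broad
// grants. The manifest below is constructed from the fragment on this page.
const dialerManifest = {
  permissions: {
    "telephony": {}, "voicemail": {},
    "contacts": { "access": "readwrite" },
    "mobileconnection": {}, "attention": {},
    "settings": { "access": "readwrite" },
    "desktop-notification": {}, "alarms": {}, "systemXHR": {},
    "wifi-manage": {}, "time": {},
    "audio-channel-telephony": {}, "audio-channel-ringer": {}, "browser": {}
  }
};

// Reviewer policy (assumption): permissions that need a justification, and
// the widest access level each one should carry. A null maxAccess means the
// permission is flagged whenever it is present at all.
const POLICY = {
  "settings":    { maxAccess: "readonly", why: "settings are shared by all apps (bug 841071); locale only needs read access" },
  "systemXHR":   { maxAccess: null, why: "cross-origin requests without CORS checks" },
  "browser":     { maxAccess: null, why: "can embed arbitrary web content" },
  "wifi-manage": { maxAccess: null, why: "controls the Wi-Fi radio" }
};

// Ordering of the access levels the manifest format allows.
const ACCESS_RANK = { "readonly": 1, "createonly": 1, "readcreate": 2, "readwrite": 3 };

// Returns one finding per policy-relevant permission with a flagged flag.
function auditPermissions(manifest) {
  const findings = [];
  for (const [name, opts] of Object.entries(manifest.permissions || {})) {
    const rule = POLICY[name];
    if (!rule) continue;                      // not a permission we care about
    const access = opts.access || "default";  // no access key: permission has no levels
    const tooBroad = rule.maxAccess === null
      ? true
      : (ACCESS_RANK[access] || 0) > (ACCESS_RANK[rule.maxAccess] || 0);
    findings.push({ permission: name, access, flagged: tooBroad, reason: rule.why });
  }
  return findings;
}

// Example run against the dialer manifest: prints the flagged grants.
for (const f of auditPermissions(dialerManifest).filter(f => f.flagged)) {
  console.log(`${f.permission} (${f.access}): ${f.reason}`);
}
```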