Security/Reviews/B2G

< Security‎ | Reviews

Revision as of 05:38, 15 March 2012 by Ptheriault (talk | contribs) (→‎Updater)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

B2G Reviews

The list below outlines the core areas of B2G which need security review.

Created from:

B2G Bugs [[1]]
B2G Schedule: [[2]]

Permissions Model & Management

Summary: Permissions Management in B2G. Everything to grant, read, revoke and manage app permissions for B2G apps. Priority since most other APIs depend on this.
Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=707625
Permission DB (currently being designed)

Web Contacts

Summary: API for reading/updating the address book Wiki: https://wiki.mozilla.org/WebAPI/ContactsAPI Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=674720

B2G Telephony

Summary: B2G Telephony functions including underlying radio components (RIL)
Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=699235

SMS

Summary: B2G SMS Functionality
https://wiki.mozilla.org/Mobile/Projects/SMSDatabase
https://bugzilla.mozilla.org/show_bug.cgi?id=709564

Browser

Summary: API for providing B2G browser iframe (iframe which can function as a browser)
Wiki: https://wiki.mozilla.org/WebAPI/EmbeddedBrowserAPI
Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=693515

Network Connectivity

Summary: Wifi, 3G and the associated management APIs
Wiki pages:
- https://wiki.mozilla.org/WebAPI/NetworkAPI
- https://wiki.mozilla.org/Mobile/Products/Wifi
- Network Traffic Manager [NOT STARTED]
Bugs:
- https://bugzilla.mozilla.org/show_bug.cgi?id=710493 (Network Manager Features)
- https://bugzilla.mozilla.org/show_bug.cgi?id=710493 (3g Connectivity)
- https://bugzilla.mozilla.org/show_bug.cgi?id=717123 B2G Wifi

App Management

Installation and management of Web Apps (Open Web Apps for B2G)

Bug(mozApps): https://bugzilla.mozilla.org/show_bug.cgi?id=725397

Bug (app cache): https://bugzilla.mozilla.org/show_bug.cgi?id=702369

Web Bluetooth

Summary: Bluetooth API for B2G https://bugzilla.mozilla.org/show_bug.cgi?id=727618

Settings API

Summary: API for managing the B2G phone settings Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=678695

Updater

Summary: Gaia and Gecko update mechanisms for B2G

Gaia Apps

All of the following apps will need at least a cursory review

Critical to review
- Settings
- Marketplace
- Dialer
- SMS

Non-critical to review
- Camera
- Photo Gallery
- Video player
- Music player
- Email
- Calendar
- Clock
- Calculator
- Notepad
- Maps

Retrieved from "https://wiki.allizom.org/index.php?title=Security/Reviews/B2G&oldid=408008"