WebAPI/Security/Contacts

From MozillaWiki
< WebAPI‎ | Security
Revision as of 12:17, 25 June 2012 by Ladamski (talk | contribs)
Jump to navigation Jump to search

Contacts API

Reference:https://wiki.mozilla.org/WebAPI/ContactsAPI Brief purpose of API: Access to users contacts.

General Use Cases:N/A

Inherent threats:

  • Read/exfiltrate confidential information,
  • Destroy user's contact data
  • DoS via filling address book with bogus data

Threat severity: high

Regular web content (unauthenticated)

Use cases for unauthenticated code: Mediated access to specific (user selected) contact information

Authorization model for uninstalled web content: OS mediated (web activities, or trusted UI)
Authorization model for installed web content: OS mediated (web activities, or trusted UI)

Potential mitigations:

  • App requests a contact via web activities or trusted UI
  • API provides a local identifier instead of the actual contact information

Trusted (authenticated by publisher)

Use cases for authenticated code: Create, read or edit contact information

Authorization model: Explicit

Potential mitigations:

  • Let user configure what data is accessible (globally?)
  • Have separate permissions read,create or update/delete? (assuming that

many apps only want read, and could use web activities to create a contact if necessary?)

Certified (vouched for by trusted 3rd party)

Use cases for certified code: Create, read or edit contact information

Authorization model: Implicit

Potential mitigations: None

Retrieved from "https://wiki.allizom.org/index.php?title=WebAPI/Security/Contacts&oldid=445054"