Security/Reviews/Thunderbird/BigFiles
- Items to be reviewed
https://wiki.mozilla.org/Features/Thunderbird/BigFiles | Thunderbird Big Files -- back-end
Introduce Feature
Goal of Feature, what is trying to be achieved (problem solved, use cases, etc)
- store large file attachments in online storage
- providers are XPCOM components
- cooperating with service providers on both a technical and business side
- can be public services or private (i.e. local ftp)
- Files are uploaded when you attach them, possibly also from the attachment box afterwards.
- "provision" UI
- "logging in" UI
- "attachment" UI
- a received mail would contain a link with some annotations
- who specifies these annotations?
- Thunderbird might do something special on receiving annotated mail (currently undefined -- automatically download, maybe?)
What solutions/approaches were considered other than the proposed solution?
Why was this solution chosen?
- appearance of online storage for large files is well understood and accepted
Any security threats already considered in the design and why?
Threat Brainstorming
- annotations could be used for XSS
- escape filename and other user data sent in URLs
- MITM trying to subvert the SSL connection
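
A sketch of the first two mitigations above, added here as an example and not taken from Thunderbird's code: the filename is percent-encoded before it goes into the provider URL, and an annotation from a received mail is scheme-checked and HTML-escaped before it is rendered. The function names, the storage.example provider URL and the annotation fields (url, filename) are assumptions, since the page leaves the annotation format undefined.

```javascript
// Added example: function names, the provider URL and the annotation
// fields (url, filename) are assumptions, not Thunderbird's API.

// Build the upload URL; user data is percent-encoded before it enters the URL.
function buildUploadUrl(baseUrl, filename, params = {}) {
  const base = new URL(baseUrl);
  if (base.protocol !== "https:") throw new Error("provider endpoint must use https");
  // encodeURIComponent leaves "." alone, so dot segments need their own check.
  if (filename === "" || filename === "." || filename === "..") {
    throw new Error("invalid filename");
  }
  // "/", "?", "#" and "&" in the name become %2F, %3F, %23, %26: the name
  // stays a single path segment and cannot start a query or fragment.
  const path = base.pathname.replace(/\/+$/, "") + "/" + encodeURIComponent(filename);
  const query = new URLSearchParams(params).toString();
  return base.origin + path + (query ? "?" + query : "");
}

const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Render the link from a received annotation; returns null when it is rejected.
function renderAttachmentLink(annotation) {
  let target;
  try {
    target = new URL(annotation.url);
  } catch (e) {
    return null; // not an absolute URL
  }
  if (target.protocol !== "https:") return null; // drops javascript:, data:, http:
  return '<a href="' + escapeHtml(target.href) + '">' +
    escapeHtml(annotation.filename) + "</a>";
}

// Constructed sample input.
console.log(buildUploadUrl("https://storage.example/upload",
  "Q1 report/final?.pdf", { user: "a&b" }));
console.log(renderAttachmentLink(
  { url: "https://storage.example/f/abc", filename: "<b>x</b>.pdf" }));
```
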
Conclusions / Action Items
>> Please use format of : [Who] || What || Completion time frame
- Needs privacy review.
- TB Team || fill out privacy review template at https://wiki.mozilla.org/Privacy/Reviews/ThunderbirdBigFiles || before shipping code
- TB Team || put high-level data flow into the privacy review (see other privacy reviews for example) || before shipping code
- TB Team || send mail to sid when it's ready or with questions || after filling out template
- TB Team || add test that bad cert handler is working -- that users do NOT see a cert override dialog, the connection should just fail || before shipping code
- SecTeam Unassigned || impl review of OAUTH usage || before shipping
- dveditz || review code for usendit || before shipping
- SecTeam/Tb Team || a security review of the "Provisioning" flow || <when?> soon, when designed.
Other Questions:
- What's the project's ETA for shipping?
- 13-Mar-2012 (TB11)