Security/AppSecBiweekly/2012-02-21
From MozillaWiki
< Security | AppSecBiweekly
- Time: (BiWeekly) Tuesday at 12:00 PM PDT / 3:00PM EDT / 8:00PM UTC.
- Place: Mozilla HQ, 3A (3rd Floor)
- Phone (US/Intl): 650 903 0800 x92 Conf: 9274#
- Phone (Toronto): 416 848 3114 x92 Conf: 9274#
- Phone (US): 800 707 2533 (pin 369) Conf: 9274#
webapps
- we need to schedule a meeting with ianbicking, mhanson to discuss the overall dataflow for apps project
- PT is attempting to enage with B2G as they have another concept of what a web app is I think (or at least are another stakeholder...)
services
- threatmodeling meetings for queuey and metlog coming up Friday/Monday
- services team asked for a "checklist" of sorts that they can look at for security
- dchan told them that we were working on something and will send that to them
- we should schedule testing of token server, metlog and queuey
- there is a running instance of tokenserver
Pancake (mgoodwin)
- stuff keeps changing
- replacing mysql db
B2G (pt)
- seems to be some disagreement on what an "app" is
- permission model being worked on
Requests (curtisk)
- further review of remote debugging > mgoodwin
- GCLI commands > dchan/mgoodwin
- Window resizing via GCLI - https://bugzilla.mozilla.org/show_bug.cgi?id=710153
- Open Scratchpad via GCLI - https://bugzilla.mozilla.org/show_bug.cgi?id=683513
- Cache Control Command - https://bugzilla.mozilla.org/show_bug.cgi?id=710157
