Security/B2G/2014 03 4

From MozillaWiki
< Security‎ | B2G
Jump to: navigation, search

FirefoxOS Security Team Meeting

1pm PST, B2G Vidyo room Prior notes are here: https://wiki.mozilla.org/Security/B2G/2014_02_24

Agenda Items

  • [cr] devtools stuff
* Paul Rouget and team are planning to rewrite app-validator in js and move into dev tools.
* We expect app-validator to stay on submission, but probably more focussed on basic QA and perhaps malware detection.
* File browser (which Matt called "a hack on hacks") will probably also stay in Zamboni. For now it's the best place to have version control  and the diff viewer.

- reviews

News

- new component created - eg https://bugzilla.mozilla.org/show_bug.cgi?id=979542 - Rob's Damn Vulnerable FxOS App is in the review queue https://marketplace.firefox.com/developers/app/dvfa/ . Will be used for sec review tutorial (ongoing work in https://docs.google.com/a/mozilla.com/document/d/1ccHe5njGTEWaeS0-oke0S4j1IwMcGZzh630nz1lPOtI )

Notes

Refactoring debugger server: https://bugzilla.mozilla.org/show_bug.cgi?id=942756

Previous Action Items

  • [everyone] ask fxos functional teams for new features landing this week

New Action Items

Goal Status Updates

- [cr] has been digging around the dev tools code in Firefox Nightly.

Other stuff