Security/Reviews/Firefox/AppsSync
From MozillaWiki
- Items to be reviewed
Introduce Feature
Goal of Feature, what is trying to be achieved (problem solved, use cases, etc)
- sync apps installed by the navigator.mozApps API between sync enabled devices
- in JS in sync, running as chrome priv
- diff devices with diff applications (fx, fennec, b2g)
- tries to install
- no explicit UX for any part of this - the user is not prompted
- this will apply only to apps installed from a http or https origin
- this sync feature does sync across devices (desktop -> mobile)
- there's a sync preference / check box to opt out of this
What solutions/approaches were considered other than the proposed solution?
Why was this solution chosen?
Any security threats already considered in the design and why?=
- The feature follows the same security model as other sync engines: add-on records are encrypted using the Sync Key and the IDs for each add-on are randomly generated.
Threat Brainstorming
- Attacker with access to your sync account could silently push apps to your sync clients
- is this a sync problem or a problem for this feature?
- a problem introduced by the feature. Before this feature, an attacker could only push bookmarks/history to your sync devices.
- is this a sync problem or a problem for this feature?