Security/Reviews/Firefox4/Cascade Session Restore Security Review

Security Review Pre-Work

Please fill out the short section below prior to the review, and make sure you contact security@mozilla.org to schedule your actual review.

Overview

The goal here was to make the browser more responsive while performing a session restore. We did this by only allowing a few tabs to be loading at a time (after some quick experimentation to determine this would in fact work).

Background links

Threats

Please list the top 3 security threats you have considered during the design and implementation of this feature. Consider attack points as well as code that feels fragile.

Nothing I can think of. We're hanging information we need from each <xul:browser> but not exposing any more information than is otherwise available.

What mitigations have you implemented?

None needed.

Topics To Discuss During The Review

Privacy

  • Does the feature cache or store data that could strengthen super-cookies?

No more than session restore does otherwise. Nothing particular to this feature.

  • How are transitions in/out of Private Browsing mode handled?

Transitions also cascade. However, transitioning into PB mode doesn't need to cascade (only 1 tab), so we don't need to hang any data on the tab. Since we didn't hang any data on the tab while in PB mode, there's nothing special that needs to be done transitioning out.

  • How is "Clear Recent History" handled?

For tabs that hadn't been properly restored yet, we delete the data we were hanging off each tab and remove the listeners we added.

Review comments

Notes and bug numbers will be recorded here. Let's try not to spend too much time on any one topic during the meeting.