Security/Reviews/Shumway
Item Reviewed
Name: Shumway SWF Player
Target:
| ID | Summary | Priority | Status |
|---|---|---|---|
| 780311 | Security Review - Shumway SWF Runtime | -- | RESOLVED |
1 Total; 0 Open (0%); 1 Resolved (100%); 0 Verified (0%);
Introduce the Feature
Goal of Feature, what is trying to be achieved (problem solved, use cases, etc)
- The Shumway engine allows Flash content to be rendered
- currently in a work week with 2 goals to implement:
  - video playback for H.264 video, AAC audio, FLV container
  - mobile game
What solutions/approaches were considered other than the proposed solution?
Why was this solution chosen?
- avoid current issues with other players
Any security threats already considered in the design and why?
Threat Brainstorming
- use the Firefox security model over the Flash security model
  - this is what they are working towards
  - the issue here is that we need to remain consistent with the Flash Player security model
    - or explicitly decide that we are going to violate the security assumptions of the author of the SWF
- we will want to look into how CheckLoadURI interacts with Shumway
  - Current plugins (incl. Flash) try most of their normal web loads through the browser (NPAPI) to take advantage of proxy settings, etc.
  - ALL of those calls ARE checked against nsIContentPolicy using the load type TYPE_OBJECT_SUBREQUEST
- SWF is loaded via rsrc://
- the only APIs exposed right now are drawing APIs; other APIs will throw errors
Action Items
| Action Item Status | None |
| Release Target | |
| Action Items | |