Security/WebAPI/Socket API
Jump to navigation
Jump to search
Please use "Edit with form" above to edit this page.
Project Info
| Socket API | |
| Project Page | https://bugzilla.mozilla.org/show_bug.cgi?id=733573 |
| Next Milestone | ` |
| Security Resource | ` |
{{#set:Component=Socket API |Project=https://bugzilla.mozilla.org/show_bug.cgi?id=733573 |Milestone=` |Resource=` }}
Security Information
| Status: | OK |
| Securtiy Approved for Beta Launch?: | No |
| Data Flow Diagram: | ` |
| Threat Model: | ` |
| Bugs: | ` |
| Security Review: | ` |
| Final Security Approval: | no |
{{#set:Sectrackerstatus=OK |Simpyn=No |DFD=` |TM=` |bugs=` |Secreview=` |SecTrackerFSA=no }}
Background
Goals Expose Socket API so that Web Apps can connect to services requiring such access (e.g. SMTP Web App)
- TCP Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=733573
- UDP bug: https://bugzilla.mozilla.org/show_bug.cgi?id=745283
Articles:
Source:
Open Questions
- Could any security restrictions be applied to mitigate security risk? E.g. we could prevent localhost connections - but this might prevent a valid use case.
- (out of scope but important) How will credentials be stored (assuming that apps making connections will need credentials to make secure connections)
- will this API only be available to b2g (I assume not, but how will the trust model work then?)
Threat Model
The following threats have been considered
- Malicious website uses API to connect to internal resource
- Increased port scanning capability
- Data exfiltration
- Connection to local device
Authorization Model
For B2G:
- This will only be available to trusted web apps.
- B2G trusted apps are cached on the phone, code is not loaded dynamically.
- App must request socket permission in the manifest.