590
edits
User talk:Comrade693/Storage Async API Security Review: Difference between revisions
Jump to navigation
Jump to search
User talk:Comrade693/Storage Async API Security Review (view source)
Revision as of 17:20, 24 October 2008
, 24 October 2008→Security and Privacy
Comrade693 (talk | contribs) (→Overview: Added background links) |
Comrade693 (talk | contribs) |
||
| Line 9: | Line 9: | ||
== Security and Privacy == | == Security and Privacy == | ||
* What security issues do you address in your project? | * What security issues do you address in your project? | ||
** none that I am aware of | |||
* Is system or subsystem security compromised in any way if your project's configuration files / prefs are corrupt or missing? | * Is system or subsystem security compromised in any way if your project's configuration files / prefs are corrupt or missing? | ||
** These new features do not depend on preferences. | |||
** These features could do bad things if SQLite was not compiled with SQLITE_THREADSAFE | |||
* Include a thorough description of the security assumptions, capabilities and any potential risks (possible attack points) being introduced by your project. | * Include a thorough description of the security assumptions, capabilities and any potential risks (possible attack points) being introduced by your project. | ||
** We assume that all calling code is either going through XPConnect, or is native code that has access to libxul. | |||
* How are transitions in/out of Private Browsing mode handled? | * How are transitions in/out of Private Browsing mode handled? | ||
** Consumers of storage would have to manage that themselves. | |||
== Exported APIs == | == Exported APIs == | ||