385
edits
Labs/Weave/Sync Client Security Review: Difference between revisions
Labs/Weave/Sync Client Security Review (view source)
Revision as of 17:47, 10 February 2010
, 10 February 2010→Configuration
| Line 63: | Line 63: | ||
== Configuration == | == Configuration == | ||
* Can the end user configure settings, via a UI or about:config? Hidden prefs? Environment variables? | * Can the end user configure settings, via a UI or about:config? Hidden prefs? Environment variables? | ||
** Pref pane controls what data gets synced and which account is logged in | |||
** about:config contains other prefs that the service uses for data storage like logging levels, when to sync, server urls, prefs to sync | |||
** Password/passphrase are stored with the password manager | |||
* Are there build options for developers? [#ifdefs, ac_add_options, etc.] | * Are there build options for developers? [#ifdefs, ac_add_options, etc.] | ||
** Packaging for dev/amo channels (sets update url) | |||
** Rebuilding crypto library | |||
* What ranges for the tunable are appropriate? How are they determined? | * What ranges for the tunable are appropriate? How are they determined? | ||
** Sync intervals depend on the makeup of clients connected (desktop? mobile? how many?) | |||
* What are its on-going maintenance requirements (e.g. Web links, perishable data files)? | * What are its on-going maintenance requirements (e.g. Web links, perishable data files)? | ||
** Update urls/updated landing page | |||
== Relationships to other projects == | == Relationships to other projects == | ||