385
edits
Labs/Weave/Sync Client Security Review: Difference between revisions
Jump to navigation
Jump to search
Labs/Weave/Sync Client Security Review (view source)
Revision as of 19:38, 10 February 2010
, 10 February 2010→Security and Privacy
| Line 14: | Line 14: | ||
* Is system or subsystem security compromised in any way if your project's configuration files / prefs are corrupt or missing? | * Is system or subsystem security compromised in any way if your project's configuration files / prefs are corrupt or missing? | ||
* Include a thorough description of the security assumptions, capabilities and any potential risks (possible attack points) being introduced by your project. | * Include a thorough description of the security assumptions, capabilities and any potential risks (possible attack points) being introduced by your project. | ||
** Data/actions are generated on the client but stored on the server, so how the server responds with what can change the behavior (e.g., missing data) | |||
* How are transitions in/out of Private Browsing mode handled? | * How are transitions in/out of Private Browsing mode handled? | ||
** Sync is disabled during private browsing and reschedules on exit | ** Sync is disabled during private browsing and reschedules on exit | ||