Security/ReviewTopics: Difference between revisions

(Created page with "These are some questions we might ask during a security review. == Security == Provide a thorough description of the security assumptions, capabilities and any potential risks (...")
 
Line 6: Line 6:
* Is this feature a security feature?   
* Is this feature a security feature?   
** If it is, what security issues is it intended to resolve?
** If it is, what security issues is it intended to resolve?
** Do your tests include both should-be-allowed and should-be-disallowed cases?
* Is system or subsystem security compromised in any way if your project's configuration files / prefs are corrupt or missing?
* Is system or subsystem security compromised in any way if your project's configuration files / prefs are corrupt or missing?
* If any content or UI is displayed to the user, in what context is that content presented?  Does it have chrome privileges, for example?
* If any content or UI is displayed to the user, in what context is that content presented?  Does it have chrome privileges, for example?
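Review bot: the added sub-bullet "Do your tests include both should-be-allowed and should-be-disallowed cases?" is nested under "Is this feature a security feature?" but, unlike its sibling, does not carry the "If it is," lead, so it is unclear whether the question applies only to security features. Either prefix it with "If it is," to match the sibling, or promote it to a top-level "*" item if it is meant to be asked of every feature under review.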