B2G App Security Model/Threat Model: Difference between revisions

Jump to navigation Jump to search

B2G App Security Model/Threat Model (view source)

Revision as of 01:04, 23 March 2012

42 bytes added ,  23 March 2012
m
→‎Potential Countermeasures
Line 97: Line 97:
* Effective security update process
* Effective security update process
* Unique application identifiers? (i.e. spoofing an domain is not enough to gain access to another application’s permissions)
* Unique application identifiers? (i.e. spoofing an domain is not enough to gain access to another application’s permissions)
* Sandboxing low-privileged content processes  
* Sandboxing low-privileged content processes ('''note: this must be spawn NOT fork''').
* Reduce attack vectors to vulnerable code
* Reduce attack vectors to vulnerable code
** Prevent loading of remote scripts for critical apps
** Prevent loading of remote scripts for critical apps
Lkcl
177

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/410911"

Navigation menu