Security/Features: Difference between revisions

← Older edit

Security/Features (view source)

Revision as of 18:43, 10 January 2014

4,637 bytes added , 10 January 2014

no edit summary

Curtisk

canmove, Confirmed users, Bureaucrats and Sysops emeriti

2,776

edits

@@ Line 1: / Line 1: @@
-This page lists the security features under development and our plans for deployment.
+{{warning|This page is no longer maintained.  Please see [[SecurityEngineering/Roadmap]] for current projects}}
+This page once listed the security features under development and our plans for deployment.
 = Status Overview =
-{|class="fullwidth-table sortable" border
+<table class="fullwidth-table sortable" border>
-| '''Feature'''
+<tr>
-| '''Design'''
+<th> Feature </th>
-| '''Discussion'''
+<th> Design </th>
-| '''Review & Standards'''
+<th> Discussion </th>
-| '''Prototype'''
+<th> Review & Standards </th>
-| '''Implementation'''
+<th> Prototype  </th>
-|-
+<th> Implementation </th>
-| Origin
+<th> Version Target </th>
-| Done
+</tr>
-| Done
+<tr>
-| In Progress
+<td style='background-color:;'> Origin </td>
-|
+<td style='background-color:#cfc;'> Done </td>
-|
+<td style='background-color:#cfc;'> Done </td>
-|-
+<td style='background-color:#ffc;'> In Progress</td>
-| CSP
+<td style='background-color:#fcc;'>Not Started </td>
-| Done (2/2009)
+<td style='background-color:#fcc;'>Not Started</td>
-| Pretty Much Done (9/2009)
+<td style='background-color:#fcc;'>  </td>
-|
+</tr>
-| Done (8/2008)
+<tr>
-| Beta (9/2009)
+<td style='background-color:;'> [[Security/CSP|CSP]] </td>
-|-
+<td style='background-color:#cfc;'> Done (2/2009)</td>
-| ForceTLS
+<td style='background-color:#dfc;'> Pretty Much Done (9/2009)</td>
-| Done (Q2 2009)
+<td style='background-color:#fcc;'> Not Started</td>
-| In Progress
+<td style='background-color:#cfc;'> Done (8/2008)</td>
-| In Progress
+<td style='background-color:#cfc;'> [http://hg.mozilla.org/mozilla-central/rev/7229621a1886 Done] (3/2010)</td>
-| Done (6/2009)
+<td style='background-color:#cfc;'> 4.0 </td>
-| In Progress
+</tr>
-|-
+<tr>
-| Process Isolation
+<td style='background-color:;'> [https://bugzilla.mozilla.org/show_bug.cgi?id=495115 ForceTLS] </td>
-| Done
+<td style='background-color:#cfc;'> Done (Q2 2009)</td>
-| In Progress
+<td style='background-color:#ffc;'> In Progress</td>
-|
+<td style='background-color:#ffc;'> [http://tools.ietf.org/html/draft-hodges-strict-transport-sec In Progress]</td>
-|
+<td style='background-color:#cfc;'> Done (8/2010)</td>
-| In Progress
+<td style='background-color:#cfc;'> [http://hg.mozilla.org/mozilla-central/rev/5dc3c2d2dd4f Done] (8/2009)</td>
-|}
+<td style='background-color:#cfc;'> 4.0 </td>
+</tr>
+<tr>
+<td style='background-color:;'> [[Security/ProcessIsolation|Process Isolation]] </td>
+<td style='background-color:#cfc;'> Done</td>
+<td style='background-color:#ffc;'> In Progress</td>
+<td style='background-color:;'>&nbsp;</td>
+<td style='background-color:#eee;'> n/a </td>
+<td style='background-color:#ffc;'> In Progress</td>
+<td style='background-color:#ffc;'> ? </td>
+</tr>
+<tr>
+<td style='background-color:;'> X-Frame-Options</td>
+<td style='background-color:#cfc;'> Done (Previous)</td>
+<td style='background-color:#ffc;'> In Progress (stable)</td>
+<td style='background-color:#cfc;'> Done (Previous)</td>
+<td style='background-color:#eee;'> n/a </td>
+<td style='background-color:#cfc;'> [https://bugzilla.mozilla.org/show_bug.cgi?id=475530 Done]</td>
+<td style='background-color:#cfc;'> 4.0 </td>
+</tr>
+<tr>
+<td style='background-color:;'> [[Security/Features/Content Hashing|Content Hashing]]</td>
+<td style='background-color:#ffc;'> in progress</td>
+<td style='background-color:#ffc;'> in progress </td>
+<td style='background-color:#fcc;'> tbd </td>
+<td style='background-color:#fcc;'> tbd </td>
+<td style='background-color:#fcc;'> tbd </td>
+<td style='background-color:#fcc;'> ? </td>
+</tr>
+<tr>
+<td style='background-color:;'> [[Security/Features/XSS Filter|XSS Filter]]</td>
+<td style='background-color:#ffc;'> in progress</td>
+<td style='background-color:#ffc;'> in progress </td>
+<td style='background-color:#fcc;'> tbd </td>
+<td style='background-color:#fcc;'> tbd </td>
+<td style='background-color:#fcc;'> tbd </td>
+<td style='background-color:#fcc;'> ? </td>
+</tr>
+</table>
 = Projects =
 This is intended to summarize the status and basic goals of each project, and not serve as an ultimate authority on each of the features.
+SEE ALSO: [[Privacy/Features/]]
 == Origin Header / Sec-From ==
 Beginning as an [[Security/Origin]] header that aimed to prevent clickjacking as well as CSRF and JSON data theft, this feature has evolved into [[Security/Sec-From]] that will not prevent clickjacking, but can be compatible with various other specifications for similar HTTP request headers.
@@ Line 120: / Line 164: @@
 * {{done|get feedback (rinse, repeat) until comments are trivial}}
 * {{done|come to decision about whether or not to support meta tags (not supporting)}}
-* {{ok|come to decision about whether or not to support multiple HTTP headers}}
+* {{done|come to decision about whether or not to support multiple HTTP headers}}
 '''Review and Standardization''': In Progress.  ETA: ?
@@ Line 147: / Line 191: @@
 * {{done|make patch to report policy violations}}
 * {{done|make patch to implement base restriction enforcements}}
-* {{ok|land patch on trunk}}
+* {{done|land patch on trunk}}
 * {{ok|create document explaining how to write a good policy}}
 * {{ok|create document explaining how to convert a site to support CSP}}
@@ Line 176: / Line 220: @@
 Tasks:
-* {{ok|IETF?}}
+* {{ok|[http://tools.ietf.org/html/draft-hodges-strict-transport-sec IETF]}}
-* {{ok|W3C?}}  (Currently submitted here by Paypal)
+* <s>{{ok|W3C?}}  (Currently submitted here by Paypal)</s>
 '''Prototype''': Done.  (6/2009)
@@ Line 188: / Line 232: @@
 * {{done|submit to AMO for screening and public dissemination}}
-'''Implementation''': Not Started.  ETA: ?
+'''Implementation''': Done.  (8/2010)
 Tasks:
-* {{ok|convert prototype to C++}}
+* {{done|convert prototype to C++}} -- partially in JS, see {{bug|495115}}
-* {{ok|pick optimal location to scan for header}}
+* {{done|pick optimal location to scan for header}}
-* {{ok|write unit tests}}
+* {{done|write unit tests}}
-* {{ok|land on trunk}}
+* {{done|[http://hg.mozilla.org/mozilla-central/rev/5dc3c2d2dd4f land] on trunk}}
 == Process Isolation ==
 '''Design''': In Process.
+https://wiki.mozilla.org/Electrolysis
 ''Goals''
 * Create infrastructure to allow process separation within Firefox
+* Put plugins in a separate process for stability reasons
 * Create separate content processes for stability and performance reasons
 * Implemented isolated processes to reduce the damage for various types of vulnerabilities
@@ Line 208: / Line 255: @@
 * {{done|[[Electrolysis#Phase_I:_Bootstrap|Phase 1 (bootstrap)]]}}
 * {{done|[[IPC_Protocols]] design}}
-* {{ok|[[Electrolysis#Phase_II:_Parallel_Improvements|Phase 2 (Parallel Improvements)]]}}
+* {{ok|}}[https://bugzilla.mozilla.org/showdependencytree.cgi?id=OOPP&hide_resolved=1 Out of process plugins]
-* {{ok|[[Electrolysis#Phase_III:_extensions.2C_compatibility.2C_and_performance|Phase 3 (Extensions, Compatibility and Performance)]]}}
+* {{ok|}}[https://wiki.mozilla.org/Electrolysis#Fennec_OOP-Tabs_Phase_II_.28In_process.29 Multi-process tabs]
+* {{ok|[[Electrolysis#Fennec_OOP-Tabs_Phase_III:_extensions.2Fcompatibility.2Fperformance|Phase 3 (Extensions, Compatibility and Performance)]]}}
 * {{ok|[[Electrolysis#Phase_IV:_Multiple_content_processes|Phase 4 (Multiple content processes)]]}}
@@ Line 219: / Line 267: @@
 * {{done|Develop [[Security/ProcessIsolation/ThreatModel|threat model]]}}
-'''Review and Standardization''':  ?
+'''Review and Standardization''':
+* IPD: https://wiki.mozilla.org/IPDL
+* Pepper API could allow for sandboxed plugins: https://wiki.mozilla.org/Plugins:PlatformIndependentNPAPI
 '''Prototype''': In Process.
 * [[Content_Processes/Build|Build Instructions for Prototype]]
-'''Implementation''':  ?
+'''Implementation''':
+''Phases''
+https://wiki.mozilla.org/Electrolysis#Implementation
+* Plugin process separation - due to ship in Lorentz
+* Out of process tabs - in process
+* Add-on multi-process support and compatibility
+* Performance, caching, process pools
+* Sandboxing, of content processes and hopefully plugins
+== <tt>X-Frame-Options</tt> ==
+'''Design''': Done.
+''Goals''
+* Allow sites to specify how they may be enframed
+* Help prevent Clickjacking
+* Be compatible with IE/WebKit implementations
+'''Discussion''': In Process.
+''tasks''
+* {{drop|Discuss extensions of XFO with other implementation bodies}} (e.g., whole-tree-walking, etc.)
+* {{done|Make sure this will work along side [Security/CSP]}}
+'''Review and Standardization''':
+There does not exist a formal specification.  Eric Lawrence's [http://blogs.msdn.com/ie/archive/2009/01/27/ie8-security-part-vii-clickjacking-defenses.aspx blog post on X-Frame-Options] serves as the closest thing to a spec.
+'''Prototype''': None.
+'''Implementation''':  Done (see [https://bugzilla.mozilla.org/show_bug.cgi?id=475530 bug 4755300]).
+''Tasks''
+* {{done|Design Behavior}}
+* {{done|Implement Patch}}
+* {{done|Implement Unit Tests}}
+* {{done|Get reviewed and land on trunk}}