SecurityEngineering/2013/Q3Goals: Difference between revisions
< SecurityEngineering | 2013
Jump to navigation
Jump to search
| Line 7: | Line 7: | ||
*** Implement : {{new|Fix window.crypto to work in E10S}} | *** Implement : {{new|Fix window.crypto to work in E10S}} | ||
*** Implement : {{drop|Fix CSP tests to work in E10S}} | *** Implement : {{drop|Fix CSP tests to work in E10S}} | ||
*** Implement : {{done|land seccomp for Linux (min bar for sandboxing)}} related: {{bug|790923}} | *** Implement : {{done|land seccomp for Linux (min bar for sandboxing)}} related: {{bug|790923}} and {{bug|914716}} | ||
*** Research : {{risk|Prioritize secomp tightening steps, begin executing it}} | *** Research : {{risk|Prioritize secomp tightening steps, begin executing it}} | ||
*** Research : {{done|Create story/plan for addon compatibility}} (also see [https://docs.google.com/spreadsheet/ccc?key=0AhFRRYurPzRndHQwUVNscThIbFBsYmNRaU44LVlDdlE#gid=0 evilpie's doc]) | *** Research : {{done|Create story/plan for addon compatibility}} (also see [https://docs.google.com/spreadsheet/ccc?key=0AhFRRYurPzRndHQwUVNscThIbFBsYmNRaU44LVlDdlE#gid=0 evilpie's doc]) | ||
Revision as of 22:41, 30 September 2013
Q3 Goals
- [AT RISK] Finish first phase of Sandboxing
- Outcome: seccomp in e10s/Larch or on nightly + clear roadmap
- DRI: Sid
- Tasks:
- Consult : E10S contributions to make it reasonably usable in nightly. (without extensions/plugins)
- Implement : [NEW] Fix window.crypto to work in E10S
- Implement : [DROPPED] Fix CSP tests to work in E10S
- Implement : [DONE] land seccomp for Linux (min bar for sandboxing) related: bug 790923 and bug 914716
- Research : [AT RISK] Prioritize secomp tightening steps, begin executing it
- Research : [DONE] Create story/plan for addon compatibility (also see evilpie's doc)
- [DONE] Cookie Clearinghouse
- Outcome: Identify feasibility and nail down spec
- DRI: Monica
- Tasks:
- Implement : [DONE] spec out list format and make go/nogo decision on implementation
- Consult : [DROPPED] drive Stanford effort to stable spec
- [MISSED] Implement alternative revocation checking mechanisms
- Outcome: must-staple + pinning + insanity on by default in nightly
- DRI: Camilo
- Tasks:
- Implement : [MISSED] Enable insanity::pkix validation by default on nightly -- starting to land as of 9/16
- Implement : [DROPPED] Land key pinning
- Implement : [MISSED] Land must-staple support
- [DONE] SafeBrowsing 2.0
- Outcome: App reputation whitelist on by default in nightly
- DRI: Monica
- Tasks:
- Implement : [DONE] Land app reputation system with whitelist support bug 842828