canmove, Confirmed users
1,537
edits
Security/ReviewTemplate: Difference between revisions
m
→Security and Privacy
| Line 21: | Line 21: | ||
== Security and Privacy == | == Security and Privacy == | ||
Provide a thorough description of the security assumptions, capabilities and any potential risks (possible attack points) being introduced by your project. | |||
* Is this feature a security feature? | |||
** If it is, what security issues is it intended to resolve? | |||
* How are transitions in/out of Private Browsing mode handled? | * How are transitions in/out of Private Browsing mode handled? | ||
* Is system or subsystem security compromised in any way if your project's configuration files / prefs are corrupt or missing? | * Is system or subsystem security compromised in any way if your project's configuration files / prefs are corrupt or missing? | ||
* If any content or UI is displayed to the user, in what context is that content presented? Does it have chrome privileges, for example? | * If any content or UI is displayed to the user, in what context is that content presented? Does it have chrome privileges, for example? | ||
* Does the feature include any new cryptographic functions or other security-critical code? Has this code been reviewed and verified by someone familiar with the theory or principles behind it? | * Does the feature include any new cryptographic functions or other security-critical code? | ||
** Has this code been reviewed and verified by someone familiar with the theory or principles behind it? | |||
== Exported APIs == | == Exported APIs == | ||