Security/Reviews/AppsOnSDcard

From MozillaWiki
Revision as of 03:27, 11 June 2013 by Ptheriault

Storing apps data on the sdcard

Storage on the /data partition is limited. It is proposed to store some or all app data on the sdcard instead of the local device storage. This introduces a number of security threats:

  • Sensitive app data might be disclosed
  • Apps will not be available if sdcard is not present
  • App data may be modified (both app code & data)


Threat Model

The key threats are:

  • Lost device: sensitive app data disclosed to a user
  • Short-term physical access to device ('evil-maid' scenario)
  • Malicious docking station (e.g. malicious charging station)
  • Remote exploit through malicious apps/content

We need to provide a level of protection equivalent to that of apps which are already stored on /data. The strategy to

Threats

| Threat | Proposed controls |
| --- | --- |
| sdcard could be removed and accessed in another machine | Encrypt all data with device-specific key |
| sdcard can be accessed via USB mass storage | Modify USB mass storage so that it only provides access to part of the sdcard |
| sdcard can be accessed via Device Storage API | Modify Device Storage API so that it doesn't provide access to app data directories |
| Weaker file permissions on sdcard may make exploitation of Gecko vulnerabilities easier | Set permissions with the same restrictions as /data |
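
An added example, not part of the original wiki page or of the project's code: for the "app data may be modified" threat listed above, it seals an app's sdcard directory with a MAC keyed from the device-specific key, so edits made while the card is in another machine are detected on the device. It assumes the device key is held off the sdcard; `app_key`, `seal`, `verify` and the manifest layout are hypothetical names.

```python
import hashlib
import hmac
import json
import tempfile
from pathlib import Path

def app_key(device_key: bytes, app_id: str) -> bytes:
    # Per-app key, so one app's sealed manifest cannot be reused for another.
    return hmac.new(device_key, b"app-manifest:" + app_id.encode(), hashlib.sha256).digest()

def hash_tree(root: str) -> dict:
    # Map every file under root (by relative path) to the SHA-256 of its contents.
    base = Path(root)
    return {p.relative_to(base).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in base.rglob("*") if p.is_file()}

def manifest_mac(key: bytes, files) -> bytes:
    canon = json.dumps(files, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, canon, hashlib.sha256).hexdigest().encode()

def seal(root: str, key: bytes) -> dict:
    # Run at install or update time, while the tree is known to be good.
    files = hash_tree(root)
    return {"files": files, "mac": manifest_mac(key, files).decode()}

def verify(root: str, key: bytes, manifest: dict) -> dict:
    # Returns {path: problem}; empty means the tree matches the sealed manifest.
    # Replaying an older tree together with its older manifest is not detected.
    files = manifest.get("files")
    claimed = str(manifest.get("mac", "")).encode()
    if not hmac.compare_digest(claimed, manifest_mac(key, files)):
        return {"<manifest>": "forged"}   # hashes were rewritten without the key
    current, problems = hash_tree(root), {}
    for rel in files.keys() | current.keys():
        if rel not in current:
            problems[rel] = "missing"
        elif rel not in files:
            problems[rel] = "unexpected"
        elif files[rel] != current[rel]:
            problems[rel] = "modified"
    return problems

def demo() -> dict:
    key = app_key(b"\x01" * 32, "app.example")   # constructed device key and app id
    with tempfile.TemporaryDirectory() as root:  # stands in for the app's sdcard directory
        Path(root, "app.js").write_text("original")
        manifest = seal(root, key)
        Path(root, "app.js").write_text("tampered")  # offline edit of app code
        Path(root, "extra.js").write_text("added")   # file dropped onto the card
        return verify(root, key, manifest)
```

The manifest can sit on the sdcard next to the app directory (outside the tree being hashed), because changing it without the device key makes `verify` report it as forged.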