Closed Bug 1149545 (nsec) Opened 10 years ago Closed 9 years ago

[META] New Firefox OS Security Model

Categories

(Firefox OS Graveyard :: Infrastructure, defect, P1)

x86
macOS
defect

Tracking

(feature-b2g:2.5+)

RESOLVED WONTFIX

People

(Reporter: jgong, Assigned: pauljt)

Details

(Whiteboard: [newsecurity])

User Story

This is a meta bug to track the new security model to support the new unified application architecture for Gaia apps.

Goals are:
- Enable exposing "sensitive APIs" to 3rd party developers.
- Use the same update and security model for gaia and for 3rd party content.
- Don't require content which uses "sensitive APIs" to be installed. Users should be able to simply browse to it.
- Don't have separate cookie jars for separate apps. At least for normal content which doesn't use "sensitive APIs".
- Ensure that content which uses "sensitive APIs" always runs in a separate process. Enforce in the parent process that only these separate processes can trigger "sensitive APIs". I.e. hacking a child process should not permit access to more sensitive APIs.
- Enable content which uses "sensitive APIs" to have normal http(s) URLs such that they can use OAuth providers like Facebook.
- Enable content which uses "sensitive APIs" to use service workers.

This new security model involves 7 key implementation areas.

1. Signing https://wiki.mozilla.org/FirefoxOS/New_security_model#Signing
2. Verifying signatures https://wiki.mozilla.org/FirefoxOS/New_security_model#Verifying_signatures
3. CSP https://wiki.mozilla.org/FirefoxOS/New_security_model#CSP
4. Process isolation https://wiki.mozilla.org/FirefoxOS/New_security_model#Process_isolation
5. Installing and updating https://wiki.mozilla.org/FirefoxOS/New_security_model#Installing_and_updating
6. Service Workers https://wiki.mozilla.org/FirefoxOS/New_security_model#Service_Workers
7. Origins and cookie jars https://wiki.mozilla.org/FirefoxOS/New_security_model#Origins_and_cookie_jars
No description provided.
User Story: (updated)
User Story: (updated)
Component: Gaia → Infrastructure
Summary: [meta] New Gaia Security Model → [META] New Gaia Security Model
Blocks: 1153449
Whiteboard: [newsecurity]
Priority: -- → P1
Assignee: nobody → ptheriault
I've changed the title since the things this bug blocks and the details comment concern more than just Gaia. Sorry for bug morphing, but I figured it's OK since it's just a tracking bug.
Summary: [META] New Gaia Security Model → [META] New Firefox OS Security Model
Alias: nga-security → nsec-security
Alias: nsec-security → nsec
While you are changing the alias all the time in a bikeshedding fashion, let me state that "NSA" for "new security architecture" would have been cool. ;-)
Just my two cents: 1. NSA is symmetric to NGA (New Gaia Architecture). 2. nsec could easily be associated with nano-seconds at first glance. 3. But nsec is easier to pronounce (new sec) than NSA, and many stakeholders are already familiar with it. Actually I don't prefer either abbreviation especially, just a common language for all of us. :)
No longer depends on: 1163254
feature-b2g: --- → 2.5+
Depends on: 1211782
Depends on: 1210235
Depends on: 1224987
Depends on: 1226508
Depends on: 1226509
This is probably a wontfix, at least for the previous team. It could be reopened if it was deemed useful for the TV project etc.
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → WONTFIX