[META] New Gaia Security Model

RESOLVED DUPLICATE of bug 1149545

Status

()

Core
Security
RESOLVED DUPLICATE of bug 1149545
3 years ago
3 years ago

People

(Reporter: jgong, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

User Story

This is a meta bug to track for new security model to support new unified application architecture for Gaia apps.  

Goals are:
- Enable exposing "sensitive APIs" to 3rd party developers.
- Use the same update and security model for gaia and for 3rd party content.
- Don't require content which uses "senstivie APIs" to be installed. Users should be able to simply browse to it.
- Don't have separate cookie jars for separate apps. At least for normal content which doesn't use "sensitive APIs".
-Ensure that content which uses "sensitive APIs" always runs in a separate process. Enforce in the 
parent process that only these separate processes can trigger "sensitive APIs". I.e. hacking a child process should not permit access to more sensitive APIs.
- Enable content which uses "sensitive APIs" to have normal http(s) URLs such that they can use OAuth providers like facebook.
- Enable content which uses "sensitive APIs" to use service workers.

This new security model involves 7 key implementation areas.

1 Signing  https://wiki.mozilla.org/FirefoxOS/New_security_model#Signing
2 Verifying signatures https://wiki.mozilla.org/FirefoxOS/New_security_model#Verifying_signatures
3 CSP  https://wiki.mozilla.org/FirefoxOS/New_security_model#CSP
4 Process isolation  https://wiki.mozilla.org/FirefoxOS/New_security_model#Process_isolation
5 Installing and updating https://wiki.mozilla.org/FirefoxOS/New_security_model#Installing_and_updating
6 Service Workers  https://wiki.mozilla.org/FirefoxOS/New_security_model#Service_Workers
7 Origins and cookie jars https://wiki.mozilla.org/FirefoxOS/New_security_model#Origins_and_cookie_jars
(Reporter)

Description

3 years ago
This is a meta bug to track for new security model to support new unified application architecture for Gaia apps.
(Reporter)

Updated

3 years ago
Status: NEW → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1149545
No longer depends on: 1153422
You need to log in before you can comment on or make changes to this bug.