Security/Reviews/Gaia/Camera
App Review Details
- App: Gaia Camera App
- Review Date: 23 Jun 2013
- Review Lead: Paul Theriault
Overview
Camera takes photos and video using the certified-only Camera Control API (https://developer.mozilla.org/en-US/docs/Web/API/CameraControl). This API is only available to the camera app for security reasons. The camera app does, however, handle certain web activities so that other apps can take pictures and video.
Architecture
Components
Relevant Source Code
The camera app consists of 2 JavaScript files:
- https://github.com/mozilla-b2g/gaia/blob/master/apps/camera/js/camera.js
- https://github.com/mozilla-b2g/gaia/blob/master/apps/camera/js/filmstrip.js
Permissions
"permissions": {
  "storage": {},
  "device-storage:pictures": { "access": "readwrite" },
  "device-storage:videos": { "access": "readwrite" },
  "settings": { "access": "readonly" },
  "camera": {},
  "geolocation": {},
  "audio-channel-notification": {}
},
Web Activity Handlers
Supports 2 activities: record (photo & video) & pick (images video)
Record starts the camera in either photo or video mode.
Pick returns an image to the calling page.
"activities": {
  "record": {
    "filters": { "type": ["photos", "videos"] },
    "disposition": "window"
  },
  "pick": {
    "filters": { "type": ["image/*", "image/jpeg"] },
    "returnValue": true,
    "disposition": "inline",
    "href": "/index.html#pick"
  }
},
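The two manifest fragments above are the app's declared attack surface. As an added example (not part of the original review or the Gaia code base), this script splits the permissions by access level and lists which activity handlers return data to a caller; `sampleManifest` and `summarizeSurface` are hypothetical names.

```javascript
// Constructed sample: the permissions and activities fragments quoted in this
// review, joined into one object (a real manifest.webapp has more fields).
const sampleManifest = {
  permissions: {
    "storage": {},
    "device-storage:pictures": { access: "readwrite" },
    "device-storage:videos": { access: "readwrite" },
    "settings": { access: "readonly" },
    "camera": {},
    "geolocation": {},
    "audio-channel-notification": {}
  },
  activities: {
    record: { filters: { type: ["photos", "videos"] }, disposition: "window" },
    pick: { filters: { type: ["image/*", "image/jpeg"] }, returnValue: true,
            disposition: "inline", href: "/index.html#pick" }
  }
};

// Hypothetical helper (not a Gaia API): split permissions by declared access
// level and describe each activity handler other apps can invoke.
function summarizeSurface(manifest) {
  const byAccess = { readwrite: [], readonly: [], unscoped: [] };
  for (const [name, opts] of Object.entries(manifest.permissions || {})) {
    const access = opts && typeof opts.access === "string" ? opts.access : "unscoped";
    // Unknown access strings get their own bucket rather than being dropped.
    (byAccess[access] = byAccess[access] || []).push(name);
  }
  const inbound = Object.entries(manifest.activities || {}).map(([name, a]) => ({
    name,
    types: [].concat((a.filters && a.filters.type) || []),
    // Handlers with returnValue hand data back to the calling page.
    returnsData: a.returnValue === true,
    disposition: a.disposition || null
  }));
  return { byAccess, inbound };
}

const surface = summarizeSurface(sampleManifest);
console.log(JSON.stringify(surface, null, 2));
```

For this manifest the only handler that returns data is `pick`, and the only write-capable permissions are the two device-storage entries, which matches the interfaces the review examines.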
Web Activity Usage
Uses a MozActivity to launch the gallery. No security implications.
The filmstrip launches a share activity. Again, it doesn't do anything with the return value, so no security implications.
Notable Event Handlers
No issues identified.
Code Review Notes
Limited inputs apart from web activity usage discussed above.
1. XSS & HTML Injection attacks
Not really any inputs so no risk here.
2. Secure Communications
Doesn't do any communication.
3. Secure data storage
Not applicable.
4. Denial of Service
- Use all disk space with a recording?
  - No way for another app to start recording.
- Starting camera to waste battery?
  - Web activity could be used to start camera, which would consume a lot of bandwidth. Not really any different to other resource usage (e.g. deliberately chewing CPU etc.).
- DoS the camera by repeated recordings
5. Use of Privileged APIs
Settings access readonly, just used for shutter noise.
6. Interfaces with other Apps/Content
Device storage is only interface apart from web activities.
Security Risks & Mitigating Controls
Video indicator is broken - turns on but doesn't turn off.
Actions & Recommendations
Recording indicator shows that camera is enabled, but not which camera, or how to turn it off. (known issues 828600)