Security/Reviews/Shumway


Item Reviewed

Shumway SWF Player
Target
   
     Full Query    
ID Summary Priority Status
780311 Security Review - Shumway SWF Runtime -- RESOLVED

1 Total; 0 Open (0%); 1 Resolved (100%); 0 Verified (0%);


Introduce the Feature

Goal of Feature, what is trying to be achieved (problem solved, use cases, etc)

  • The Shumway engine allows Flash content to be rendered
  • currently in a work week with 2 goals to implement
    • video playback for H.264 video, AAC audio, FLV container
    • mobile game

What solutions/approaches were considered other than the proposed solution?


Why was this solution chosen?

  • avoid current issues with other players

Any security threats already considered in the design and why?


Threat Brainstorming

  • use the Firefox security model over the Flash security model
    • this is what they are working towards
    • the issue here is that we need to remain consistent with the Flash Player security model
    • or explicitly decide that we are going to violate the security assumptions of the author of the SWF
  • we will want to look into how CheckLoadURI interacts with Shumway
    • Current plugins (incl. Flash) try most of their normal web loads through the browser (NPAPI) to take advantage of proxy settings, etc.
    • ALL of those calls ARE checked against nsIContentPolicy using the load type TYPE_OBJECT_SUBREQUEST
  • SWF is loaded via rsrc://
  • the only APIs exposed right now are drawing APIs - other APIs will throw errors

Action Items

Action Item Status None
Release Target