Component Security for Mozilla
We need your help to make Mozilla a more secure platform. See below for ways to get involved.
What is "Component Security"?
These pages describe the project of adding security to Mozilla components. We do not cover cryptographic security (SSL, certificates, S/MIME, etc.); for those topics, see Open Source PKI Projects.
Instead, we cover ways of adding Java and JavaScript security to Mozilla components, mainly in terms of mobile code and the browser interfaces available to programs written in those languages.
This is a difficult task in any event, but it is particularly tricky for Mozilla, because Mozilla makes increasing use of Internet technologies to implement the browser itself. This has many benefits for modularity, cross-platform development, and encouraging development by a wider range of people. However, it also makes ensuring browser security more challenging, because it requires building a wall between the trusted browser and the untrusted content it displays.
Documentation
- Mozilla Security Review and Best Practices Guide
- Same Origin Policy
- Signed Script Policy
- Configurable Security Policies (CAPS)
- Signed Scripts & Privileges: An Example
- Using a Master Certificate for Remote Trust Grants
- Configuring Per-File Privileges
- Mozilla.org Policy on Handling Security Bugs
- Current Members of the Mozilla security group
- Known Vulnerabilities in Mozilla
- Slides from 'Intro to Mozilla Security' talk, 3/4/02 (XML)
People
The Mozilla Security Newsgroup is a good place to raise security-related issues.
Wish List & Future Projects
- Buffer overflow problems - We will soon be launching a major initiative to wipe out this persistent source of security problems. Watch this space for tips on how to find potential buffer overflows in your code.
- Signed XPI - We would like to add cryptographic signature verification to the XPInstall Engine.
- Re-do the CheckLoadURI policy - It is not consistently applied in some areas, and it is too restrictive in others. We need to re-evaluate where this policy is needed and what restrictions to enforce.
- Better Java compatibility - Currently, JavaScript cannot call privileged functions in signed applets. We need better integration between the Mozilla security manager and the Java plugin.
We need your help! If any of the projects above interests you, let us know. In addition, we need more community security review. Pick a Mozilla module you know and start looking for buffer overruns, misuse of privileges, and other security problems. Check back here soon for a list of things to look out for. Let's prove to the world that open source development leads to secure software!