Thunderbird's Security Architecture

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Thunderbird's Security Architecture

Mehdi Mirakhorli
Hi All,

We are studying vulnerabilities across different releases of Thunderbird's
project. The goal of the study is to investigate the root cause of CVEs and
study those rooted in the security architecture of the project. We are
looking at both flaws in the design (if any) and degradation of design in
source code (violation of design decisions due coding mistakes).

At this step, we would like to know if we have correctly extracted the list
of security mechanisms (tactics/patterns)  used in Thunderbird's project.

My Ph.D. student has created a draft for the list of security tactics used
in Thunderbird's project. I appreciate it if you could take the time and
review it and let us know your feedback. Are there any other high-level
decision made by the team which is missing?


Mehdi Mirakhorli
Assistant Professor
Department of Software Engineering
Rochester Institute of Technology
134 Lomb Memorial Drive
Rochester, NY 14623-5608
dev-apps-thunderbird mailing list
[hidden email]