Re: WebAPI Security Discussion: Permission API

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Re: WebAPI Security Discussion: Permission API

Paul Theriault
Final call for comments. Please reply to [hidden email] by COB Jun 04.


On Wednesday, 9 May 2012 09:47:47 UTC+10, Lucas Adamski  wrote:

> Please reply-to [hidden email]
>
> Name of API: Permission API
> Reference: https://bugzilla.mozilla.org/show_bug.cgi?id=707625
>
> Brief purpose of API: Allow an app to manage app permissions in a centralized location
> General Use Cases: None
>
> Inherent threats: Change security and privacy permissions, potentially leading to device compromise
>
> Threat severity: Critical
>
> == Regular web content (unauthenticated) ==
> Use  cases for unauthenticated code:None
> Authorization model for normal content:  None
> Authorization model for installed content: None
> Potential mitigations:
>
> == Trusted (authenticated by publisher) ==
> Use cases for authenticated code: None
> Use cases for trusted code: None
> Potential mitigations:
>
> == Certified (vouched for by trusted 3rd party) ==
> Use cases for certified code:  Centralized permissions management app; modify per-app settings
> Authorization model: Implicit
> Potential mitigations: None
>
> Note: We are not exposing permission settings to non-certified apps.  Apps cannot determine their current settings without actually requesting a permission.

_______________________________________________
dev-security mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-security