Re: WebAPI Security Discussion: Permission API

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Re: WebAPI Security Discussion: Permission API

Paul Theriault
Final call for comments. Please reply to [hidden email] by COB Jun 04.

On Wednesday, 9 May 2012 09:47:47 UTC+10, Lucas Adamski  wrote:

> Please reply-to [hidden email]
> Name of API: Permission API
> Reference:
> Brief purpose of API: Allow an app to manage app permissions in a centralized location
> General Use Cases: None
> Inherent threats: Change security and privacy permissions, potentially leading to device compromise
> Threat severity: Critical
> == Regular web content (unauthenticated) ==
> Use  cases for unauthenticated code:None
> Authorization model for normal content:  None
> Authorization model for installed content: None
> Potential mitigations:
> == Trusted (authenticated by publisher) ==
> Use cases for authenticated code: None
> Use cases for trusted code: None
> Potential mitigations:
> == Certified (vouched for by trusted 3rd party) ==
> Use cases for certified code:  Centralized permissions management app; modify per-app settings
> Authorization model: Implicit
> Potential mitigations: None
> Note: We are not exposing permission settings to non-certified apps.  Apps cannot determine their current settings without actually requesting a permission.

dev-security mailing list
[hidden email]