Changes

Apps/Security

182 bytes added, 21:21, 22 March 2012
no edit summary
Discussion which raises the issue of confused definitions, helps clarify them:
https://groups.google.com/d/msg/mozilla.dev.b2g/AQYPkIjKxjE/WYy0LPta9cMJ
=== App instance / version ===
 
(''Note: this section is very much in an informal style that includes definitions, discussion as well as functional analysis. it should be analysed and split up appropriately.'')
 
* Possible definitions of what an app instance / version is
*# a static bundle of code authenticated by manifest + signature (or equivalent)
*# a dynamic stream of code authenticated by a specific origin (same origin applied, all assets must be loaded from https://<a host>)
*# an initial loader authenticated by a specific origin (https://<a host>), which can then load whatever it wants
*# unauthenticated code loaded over any channel, from any origin
* loosely ordered from best to worst (descending) security wise
* 1) and 2) could work with additional security controls
* attacker can use option 2) as a proxy for malicious content
* attacker can use option 2) as proxy to paid app (buy once, share with world)
** mitigation for this may be responsibility of app developer
* CSP can secure 1) and 2) to an extent
** define baseline CSP policy that apps have to adopt
* See [https://www.adobe.com/devnet/air/articles/introduction_to_air_security.html Intro to AIR security]
== Bugs ==
== Scope ==
=== App instance / version ===
* Possible definitions of what an app instance / version is
*# a static bundle of code authenticated by manifest + signature (or equivalent)
*# a dynamic stream of code authenticated by a specific origin (same origin applied, all assets must be loaded from https://<a host>)
*# an initial loader authenticated by a specific origin (https://<a host>), which can then load whatever it wants
*# unauthenticated code loaded over any channel, from any origin
* loosely ordered from best to worst (descending) security wise
* 1) and 2) could work with additional security controls
* attacker can use option 2) as a proxy for malicious content
* attacker can use option 2) as proxy to paid app (buy once, share with world)
** mitigation for this may be responsibility of app developer
* CSP can secure 1) and 2) to an extent
** define baseline CSP policy that apps have to adopt
* See [https://www.adobe.com/devnet/air/articles/introduction_to_air_security.html Intro to AIR security]
===Permission Types===
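Review bot: the "App instance / version" block appears twice in this change, once above "== Bugs ==" with the new informal-style note and once under "== Scope ==" without it, and "no edit summary" leaves the history with no explanation of which placement is intended; add a summary saying the section was moved and why. In the block itself, "1) and 2) could work with additional security controls" and "CSP can secure 1) and 2) to an extent" never name the controls or the baseline CSP that apps "have to adopt", so a reader cannot tell what separates option 2) as acceptable from option 2) as "a proxy for malicious content"; since the added note already says the section should be "analysed and split up appropriately", consider separating the four definitions from the threat and mitigation bullets and stating the baseline policy in this edit. Minor: the note's second sentence begins in lowercase ("it should be analysed").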