WebAPI/Security/PermissionsAPI: Difference between revisions
Ptheriault (talk | contribs) (Created page with "== Permission API== Reference: https://bugzilla.mozilla.org/show_bug.cgi?id=707625 <br> Brief purpose of API: Allow an app to manage app permissions in a centralized location <b...") |
No edit summary |
||
| Line 1: | Line 1: | ||
== Permission API== | == Permission API== | ||
Reference: https://bugzilla.mozilla.org/show_bug.cgi?id=707625 | Reference: https://bugzilla.mozilla.org/show_bug.cgi?id=707625 | ||
Brief purpose of API: Allow an app to manage app permissions in a centralized location | |||
General Use Cases: None | Brief purpose of API: Allow an app to manage app permissions in a centralized location | ||
Inherent threats: Change security and privacy permissions, potentially leading to device compromise | |||
Threat severity: Critical | General Use Cases: None | ||
Inherent threats: Change security and privacy permissions, potentially leading to device compromise | |||
Threat severity: Critical | |||
=== Regular web content (unauthenticated) === | === Regular web content (unauthenticated) === | ||
Use cases for unauthenticated code:None | |||
Authorization model for normal content: None | |||
Authorization model for installed content: None | |||
Potential mitigations: | |||
=== Trusted (authenticated by publisher) === | === Trusted (authenticated by publisher) === | ||
Use cases for authenticated code: None | |||
Use cases for trusted code: None | |||
Potential mitigations: | |||
=== Certified (vouched for by trusted 3rd party) === | === Certified (vouched for by trusted 3rd party) === | ||
Use cases for certified code: Centralized permissions management app; modify per-app settings | |||
Authorization model: Implicit | |||
Potential mitigations: None | |||
Note: We are not exposing permission settings to non-certified apps. Apps cannot determine their current settings without actually requesting a permission. | Note: We are not exposing permission settings to non-certified apps. Apps cannot determine their current settings without actually requesting a permission. | ||
___NOTOC___ | |||
Revision as of 06:21, 31 July 2012
Permission API
Reference: https://bugzilla.mozilla.org/show_bug.cgi?id=707625
Brief purpose of API: Allow an app to manage app permissions in a centralized location
General Use Cases: None
Inherent threats: Change security and privacy permissions, potentially leading to device compromise
Threat severity: Critical
Regular web content (unauthenticated)
Use cases for unauthenticated code:None
Authorization model for normal content: None
Authorization model for installed content: None
Potential mitigations:
Trusted (authenticated by publisher)
Use cases for authenticated code: None
Use cases for trusted code: None
Potential mitigations:
Certified (vouched for by trusted 3rd party)
Use cases for certified code: Centralized permissions management app; modify per-app settings
Authorization model: Implicit
Potential mitigations: None
Note: We are not exposing permission settings to non-certified apps. Apps cannot determine their current settings without actually requesting a permission.
__