WebAPI/Security/PermissionsAPI

From MozillaWiki
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Permission API

Brief purpose of API: Allow an app to manage app permissions in a centralized location

General Use Cases: None

Inherent threats: Change security and privacy permissions, potentially leading to device compromise

Threat severity: Critical

References:

Permissions Table

Type Use Cases Authorization Model Notes & Other Controls
Web Content None No access
Installed Web Apps None No access
Privileged Web Apps None No access
Certified Web Apps Centralized permissions management app; modify per-app settings Implicit

Notes

We are not exposing permission settings to non-certified apps. Apps cannot determine their current settings without actually requesting a permission.

Retrieved from "https://wiki.mozilla.org/index.php?title=WebAPI/Security/PermissionsAPI&oldid=1021343"