Apps/Security/Meeting-2012-03-23
From MozillaWiki
Action Items
- Jonas - to clean up page - https://wiki.mozilla.org/Apps/Security (this page will be central point of knowledge for security models)
- fligtar - to ensure MarketPlace decisions are documented and will send wiki link to mcoates
- Lucas - to communicate to b2g mailing list that App security model discussions will happen on dev-webapps mailing list
Attendees
- Michael Coates
- Jonas
- Mike Hanson
- Bill Walker
- James Straus
- Ragavan
- Justin Scott
- Lucas Adamski
Agenda
- Ensure ongoing security model development across B2G, MarketPlace, API are cohesive and in sync.
- Are business requirements, terms, expectations thoroughly documented?
- Need for single cohesive security model
- Provide visibility in security model selections.
- Status of security model discussions across B2G / MarketPlace / WebApi
- Validate assumptions and decisions must hold across all three environments.
- Project Plans and deadlines
- Planning to design together
Notes - Discussion
- Web APIs - beginning of security model discussion
- discussions happening on open web apps and b2g lists, dev-security
- Lucas is bringing together ideas from each mailing list and documenting on a wiki page
- Need for defining terms
- [bwalker] Origin - App - mapping : documentation on MDN, this is different than B2G
- [hanson] provenance of logic we're executing - packaging conversation, need to discuss user approval for packaging issues
- [bwalker] MarketPlace will be store for B2G
- What security model decisions have been "made" and documented?
Apps:
- one App per origin, manifest hosted at App origin
- App developers submitting Apps to Marketplace since MWC
- Manifest format - https://developer.mozilla.org/en/Apps/Manifest
- B2G phones will use Mozilla Marketplace (or white-labelled version) as their store
- FAQ: https://developer.mozilla.org/en/Apps/FAQs/About_app_manifests
- Apps should feel as much like Native Apps as possible. If users think we are selling them bookmarks, that's very bad
- Developers ask for permissions for app via Manifest - built into MarketPlace App review process
- Sensitive permissions require developer to explain why sensitive permission is requested
- Updates - MarketPlace checks manifest each day for any updates. Manifest permission changes require new review from review team
- Limiting permissions - no actions taken here for legal / compliance
B2G - None yet firm, tracked on https://wiki.mozilla.org/B2G_App_Security_Model
- Process: https://groups.google.com/group/mozilla.dev.b2g/browse_thread/thread/7627684f505aafc2#
API - very few thus far
- [proposed] Grant installed apps unlimited access to storage APIs - no documentation
- [discussed] User control to override allowed permissions
Terms/ideas that need to be defined?
- Overall principles guiding our system/plan - we know them, but should have on wiki to point people to
- Manifest - https://developer.mozilla.org/en/Apps/Manifest
- #s of AppStores - should point to our strategy of supporting multiple apps
- What is an "app" - Lucas has ideas here (in email)
- Granting of permissions - who grants permissions? Users, stores? Can users restrict or grant permissions to an app?
- Remembered Permissions - prompt every time, decay prompting, manifest granted, store granted
Assumptions that are being held - correct?
APIs will prompt user before access is allowed
How do we move forward?
- Cross post everything? No
- One mailing list on security-model for all projects? No
- Decided on using dev-webapps mailing list for all App related security models. Need people's assistance to push conversations to this list.
- Need a central wiki with the above data - Apps Security Model (this includes B2G / APIs / MarketPlace)
- https://wiki.mozilla.org/Apps/Security <-- Single page of truth