177
edits
Changes
→Summary
== Summary ==
There are four separate areas where security work is required. Each area is separate but inter-related. Each are'''required''' and cannot be ignored.
# '''Secure Application Distribution'''. A level of trust must be established between all four parties: B2G developers, Application developers, users and stores.
# '''Application Permissions Enforcement'''. This can '''only''' be done at the Operating System (kernel) level.
# '''Definition of the permissions to be enforced'''. Examples include "app can access the IMEI number" and "app can make phone calls".
# '''Standard web security'''. This is what is normally considered to be "the web" (XSS in AJAX etc.) and it still has a role to play in B2G.
===Process for granting permissions===
(''comment: this is a reasonable summary, and should be left in the summary section :)'')
== Requirements ==
