Security/WebAPI/Web Telephony: Difference between revisions

Jump to navigation Jump to search

Security/WebAPI/Web Telephony (view source)

Revision as of 21:14, 5 April 2012

10 bytes removed ,  5 April 2012
no edit summary
No edit summary
No edit summary
Line 52: Line 52:
|-
|-
| 1||Unauthorized content accesses the Web Telephony API||A web page or web app accesses the Telephony API with having the valid permissions or requirements ||* App Permissions Model will enforce which apps can access which APIs * B2G security model will enforce permissions model at a process level (ie less privileged process not allowed to send IPDL messages even if permissions check fails at an API level)||Malicious web content||?||Requires a bug in broader browser security model||||||\"* Place unauthorized calls, cost the user money, make spam phone calls
| 1||Unauthorized content accesses the Web Telephony API||A web page or web app accesses the Telephony API with having the valid permissions or requirements ||* App Permissions Model will enforce which apps can access which APIs * B2G security model will enforce permissions model at a process level (ie less privileged process not allowed to send IPDL messages even if permissions check fails at an API level)||Malicious web content||?||Requires a bug in broader browser security model||||||\"* Place unauthorized calls, cost the user money, make spam phone calls
|-
* Use phone a bugging device, breach user privacy
| * Use phone a bugging device, breach user privacy
* probably would have broader implications
|-
| * probably would have broader implications
|-
|-
|  
|  
Ptheriault
canmove, Confirmed users
1,220

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/417126"

Navigation menu