* The app will be signed by the store to ensure that hacking the store website doesn't allow a hacker to install arbitrary content on users devices.
* The app will use a CSP policy to harden the app itself against bugs which would allow an attacker to inject code into the app. This will also make reviewing the app easier.
=== App Review ===
The store is responsible for reviewing the app to ensure that it doesn't do anything dangerous with the permissions it is granted.
Since the OpenWebApps API allows any website to become a store, only stores approved by B2G will be allowed to install Privileged apps. Our goal is that multiple stores will become approved for installing privileged app, but given how much responsibility is put on the store, we need to ensure that we put agreements in place to protect users before approving a store for being allowed to install privileged apps.
=== App Signing ===
