Confirmed users
717
edits
B2G App Security Model: Difference between revisions
no edit summary
No edit summary |
No edit summary |
||
| Line 50: | Line 50: | ||
*Ability to grant trust for certain highly sensitive privileges (such as phone dialing) may be restricted at the OS level to specific trusted parties | *Ability to grant trust for certain highly sensitive privileges (such as phone dialing) may be restricted at the OS level to specific trusted parties | ||
|Feature non-goals=This document does not try to define the broader B2G security model, nor does it define the Open Web Apps security model even though we expect that B2G will contain a superset of the latter's requirements. | |Feature non-goals=This document does not try to define the broader B2G security model, nor does it define the Open Web Apps security model even though we expect that B2G will contain a superset of the latter's requirements. | ||
|Feature functional spec= | |Feature functional spec=A threat model is being documented here: https://wiki.mozilla.org/B2G_App_Security_Model/Threat_Model | ||
A threat model is being documented here: https://wiki.mozilla.org/B2G_App_Security_Model/Threat_Model | |||
WebAPI permissions manager implementation: https://bugzilla.mozilla.org/show_bug.cgi?id=707625 | WebAPI permissions manager implementation: https://bugzilla.mozilla.org/show_bug.cgi?id=707625 | ||
===Design Decisions Made=== | |||
* One app per origin (FQDN) | |||
}} | }} | ||
{{FeatureInfo | {{FeatureInfo | ||