WebAPI/Security/Vibration: Difference between revisions
No edit summary |
No edit summary |
||
| Line 21: | Line 21: | ||
== Privileged (approved by app store) == | == Privileged (approved by app store) == | ||
Use cases for privileged code: [Same] | |||
== | Authorization model: Implicit | ||
Use cases for | |||
Potential mitigations: | |||
== Certified (system-critical apps) == | |||
Use cases for certified code: [Same] | |||
Authorization model: Implicit | Authorization model: Implicit | ||
| Line 33: | Line 34: | ||
Potential mitigations: | Potential mitigations: | ||
Notes | ==Notes== | ||
This API may be implicitly granted. User can deny from Permission Manager to over-ride an abusive app. | |||
Since only foreground content can trigger vibrator, this seems equivalent to other potentially annoying feedback mechanisms and should be implicit for uninstalled web content. | Since only foreground content can trigger vibrator, this seems equivalent to other potentially annoying feedback mechanisms and should be implicit for uninstalled web content. | ||
__NOTOC__ | |||
Revision as of 21:16, 6 August 2012
Name of API: Vibration
Reference: http://dev.w3.org/2009/dap/vibration/
Security Discussion: https://groups.google.com/group/mozilla.dev.webapps/browse_thread/thread/6aa715e1d7a5a9f5#
Brief purpose of API: Let content activate the vibration motor
Inherent threats: Obnoxious if mis-used, consume extra battery
Threat severity: low
Regular web content (unauthenticated)
Use cases for unauthenticated code: Vibrate when hit in a game
Authorization model for uninstalled web content: Implicit
Authorization model for installed web content: Implicit
Potential mitigations: Limit how long vibrations can run. Only foreground content can trigger vibration.
Privileged (approved by app store)
Use cases for privileged code: [Same]
Authorization model: Implicit
Potential mitigations:
Certified (system-critical apps)
Use cases for certified code: [Same]
Authorization model: Implicit
Potential mitigations:
Notes
This API may be implicitly granted. User can deny from Permission Manager to over-ride an abusive app. Since only foreground content can trigger vibrator, this seems equivalent to other potentially annoying feedback mechanisms and should be implicit for uninstalled web content.