WebAPI/Security/Idle: Difference between revisions

Line 5: Line 5:
*Security discussion: https://groups.google.com/d/topic/mozilla.dev.webapps/Wxgz7_LKD40/discussion
*Security discussion: https://groups.google.com/d/topic/mozilla.dev.webapps/Wxgz7_LKD40/discussion


Brief purpose of API: Notify an app if the user is idle
Brief purpose of API: Notify an app if the user is idle.<br>
 
General Use Cases: Notify a web page is a user is idle (e.g. to change a status in an instant messaging program).
General Use Cases: Notify a web page is a user is idle (e.g. to change a status in an instant messaging program).
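Review bot: The "General Use Cases" line reads "Notify a web page is a user is idle" on both sides of this hunk, so the typo survives the revision; it should read "Notify a web page if a user is idle". The revised "Brief purpose" line also gains a trailing literal <br>, while the "General Use Cases" line after it has none, so the two summary lines are now formatted inconsistently.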


Line 13: Line 12:
**Signalling multiple windows at exactly the same time could correlate user identities and compromise privacy
**Signalling multiple windows at exactly the same time could correlate user identities and compromise privacy
**Could be used by a workplace to monitor activity by monitoring system idle
**Could be used by a workplace to monitor activity by monitoring system idle
Threat severity: Low
Threat severity: Low


== Regular web content (unauthenticated) ==
Use cases for unauthenticated code: Idle detection for IM or IRC clients.
Authorization model for normal content: None
Authorization model for installed web content: None
Potential mitigations:
* Exact time user goes idle can be fuzzed so as to reduce correlation
* Provide only page idle not system idle, where privacy is a concern
== Privileged (approved by app store) ==
Use cases for privileged code: N/A


Authorization model: None
{| border="1" class="wikitable"
! Type
! Use Cases
! Authorization Model
|-
| Web Content || None || No access
|-
| Installed Web Apps || None || No access
|-
| Privileged Web Apps || None || No access
|-
| Certified Web Apps || Notify an app if the user is idle. || Implicit
|}


Potential mitigations: None


== Certified (system-critical apps) ==
=== Regular web content (unauthenticated) ===
Use cases for certified code: As per unauthenticated
Use cases for unauthenticated code: None.
Authorization model for normal content: No Access.


Authorization model: Implicit
*Installed Web Apps
**Use cases for unauthenticated code: None.
**Authorization model for normal content: No access.
*Privileged (approved by app store)
*Use cases for privileged code: None.
**Authorization model: No access.


Potential mitigations: Implicit
=== Certified (system-critical apps) ===
Use cases for certified code: Notify an app if the user is idle <br>
Authorization model: Implicit <br>
Potential mitigations: Due to the privacy risks associated with this API, access is limited to certified applications. (See https://bugzilla.mozilla.org/show_bug.cgi?id=780507 for further detail).
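Review bot: In the bullet list after the "Regular web content (unauthenticated)" subsection, "*Use cases for privileged code: None." has a single asterisk while its sibling "**Authorization model: No access." has two, so it renders as a top-level item instead of nesting under "*Privileged (approved by app store)". The two entries under "*Installed Web Apps" are labelled "Use cases for unauthenticated code" and "Authorization model for normal content", which look copied from the regular web content subsection and should name installed web apps. The threat list in this hunk still names cross-window correlation and workplace monitoring, and the certified "Potential mitigations" line only restricts who gets access, so it would help to state whether the fuzzing and page-idle-only mitigations listed in this hunk still apply to certified apps or are superseded by the restriction.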