canmove, Confirmed users, Bureaucrats and Sysops emeriti
2,776
edits
| No edit summary | No edit summary | ||
| Line 20: | Line 20: | ||
| # to privileged (see interface link above) - doesn't allow you to actually do anything - it allows you to request and monitor lock state | # to privileged (see interface link above) - doesn't allow you to actually do anything - it allows you to request and monitor lock state | ||
| * All the policy ends up happening either in gaia or chrome.js | * All the policy ends up happening either in gaia or chrome.js | ||
| * 1 policy - things that aren't visible can't affect the   | * 1 policy - things that aren't visible can't affect the | ||
| |SecReview alt solutions=* see {{bug|697132}} | |SecReview alt solutions=* see {{bug|697132}} | ||
| |SecReview threats considered=* Battery flattening (by carelessly developed / malicious content) are discussed in {{bug|697132}} | |SecReview threats considered=* Battery flattening (by carelessly developed / malicious content) are discussed in {{bug|697132}} | ||
| |SecReview threat brainstorming=* There's a question around what kind of apps should be able to do various things (e.g. turn screen on / off, lock, CPU, etc) | |SecReview threat brainstorming=* There's a question around what kind of apps should be able to do various things (e.g. turn screen on / off, lock, CPU, etc) | ||
| * What could go wrong with notifications (from the backend); these essentially result in js being executed | * What could go wrong with notifications (from the backend); these essentially result in js being executed | ||
| }} | }} | ||
| {{SecReviewActionStatus | {{SecReviewActionStatus | ||
| |SecReview action item status=In Progress | |SecReview action item status=In Progress | ||
| |SecReview action items= | |SecReview action items=<table border="1"> | ||
| <tr> | |||
| 	<td>Who</td> | |||
| 	<td>bug</td> | |||
| 	<td>Action</td> | |||
| 	<td>By When</td> | |||
| 	<td>Completed date  | |||
| 		{{new|new}} | |||
| 		{{done|Done}} | |||
| 		{{miss|Miss}} | |||
| 	</td> | |||
| </tr> | |||
| <tr> | |||
| 	<td>jlebar </td> | |||
| 	<td>764131  </td> | |||
| 	<td>Fixing the b2g screen wake lock to have permissions</td> | |||
| 	<td> </td> | |||
| 	<td>{{new|new}} </td> | |||
| </tr> | |||
| </table> | |||
| <bugzilla> | |||
| { | |||
| "id":"764131" | |||
| } | |||
| </bugzilla> | |||
| }} | }} | ||
| == Other == | == Other == | ||
| Discussion on whether origin is appropriate in the context of apps - most of the detail around this exists elsewhere (permission discussion, etc) | Discussion on whether origin is appropriate in the context of apps - most of the detail around this exists elsewhere (permission discussion, etc) | ||