On 13-06-10 12:18 PM, Jonas Sicking wrote:
Child processes do not have access to the sdcard. All access to the
sdcard, which currently is only the DeviceStorage API, goes through
the parent process. I think this is enfoced not through directory
permissions, but rather by how we mount the sdcard. The same would
apply if we move apps to the sdcard. We still wouldn't let apps access
the sdcard directly, it would always go through the parent process. I
agree that no matter what we do, we always need to use kernel-enforced
protection of application code and data so that applications can't
access each other. Even if an application is able to compromise a
process. / Jonas
I think someone else has already mentioned that since USB mass storage
mode mounts the SD card as a block device, there's no security we can
provide to the contents of the SD card when the phone is plugged into a
PC with USBMS enabled.
Another side-effect of this is that the phone can't access the SD card
during this time, so apps stored on the SD card won't be available, or
may break.
--m.
_______________________________________________
dev-b2g mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-b2g
