Hey.
Was this bug opened finally?
Best,
Antonio
On 06/02/2014 3:58, Paul Theriault wrote:
The problem with this approach is it relies on developers knowing which
permissions are should be system app only, and which ones can be used by other
certified apps. We have already run into this with partner developers, and fair
enough since this restriction isn't documented anywhere.
Regardless of if we enforce this or not, then at least we need to documents
which permissions should be only used by the system app so that this will be
more well know. (I'll raise a bug assigned to me I guess to make this list)
On Feb 6, 2014, at 12:48 PM, Jonas Sicking wrote:
On Jan 30, 2014 9:21 AM, "Stéphanie Ouillon" <[email protected]>
wrote:
Hi,
The "nfc-manager" permission allows a certified app to receive any
broadcasted message (such as "nfc-manager-send-file) coming from Gecko.
These messages are meant to be routed by the System app to all other NFC
enabled applications. Thus only the System app should be able to have
this permission (the browser shouldn't have it, see bug 963488).
There is a bunch of certified permissions that are only used in System:
cellbroadcast, input-manage, embed-apps, background-censors (and another
bunch used in both System and Settings only). But I'm not sure whether
it could be used somewhere else someday or not.
The question is the following one: it is worth considering having a set
of permissions restricted to the System app only?
Certified APIs are only exposed to certified apps that at build time
enumerate the appropriate permission in their manifest.
So these APIs are effectively already only exposed to the system app.
This has the security benefits you mention, while also keeping us flexible
for future changes.
/ Jonas
_______________________________________________
dev-b2g mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-b2g
_______________________________________________
dev-b2g mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-b2g
________________________________
Este mensaje se dirige exclusivamente a su destinatario. Puede consultar
nuestra política de envío y recepción de correo electrónico en el enlace
situado más abajo.
This message is intended exclusively for its addressee. We only send and
receive email on the basis of the terms set out at:
http://www.tid.es/ES/PAGINAS/disclaimer.aspx
_______________________________________________
dev-b2g mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-b2g
