2012/8/9 Doug Turner <[email protected]> > Hey Lucas, > > The bug listed was filed 4 months ago. Has any one begun working on this, > if so -- where's the code? I'd like to see the approach that was taken. > Specifically how permissions are granted/check. >
Hey! Thinker is working on the gecko part: https://bugzilla.mozilla.org/show_bug.cgi?id=763198 Cheers, > > Thanks! > > ----- Original Message ----- > From: "Lucas Adamski" <[email protected]> > To: [email protected] > Cc: "Doug Turner" <[email protected]> > Sent: Wednesday, August 8, 2012 5:45:27 PM > Subject: Security Discussion: Push Notifications API > > Initial draft. One of the trickier APIs to reason through as it really > depends on the intended use cases. Thoughts? > > ==Push Notifications API== > > References: > *https://wiki.mozilla.org/WebAPI/PushAPI > *https://bugzilla.mozilla.org/show_bug.cgi?id=747907 > * > https://groups.google.com/forum/?fromgroups#!topic/mozilla.dev.webapi/doBebGwUTNE > > Brief purpose of API: Asynchronous notification mechanism for apps with > store and forward capabilities. > > General Use Cases: Provide an mechanism for websites to push small > notifications to subscribed applications on the client, even when they > aren't currently running. > *IM messaging apps. > *Website activity notifications (auctions, online price alerts, travel > advisories and flight status, banking activity, etc). > > Inherent threats: > *Spoofing notifications could lead user to disclosing sensitive information > *Spoofing messages could trick an app into disclosing sensitive > information (i.e. submit info to URL..) or otherwise take action on behalf > of the attacker. > *Spoofing of notifications to system-critical applications could result in > a variety of attacks, from information disclosure to device compromise. > > Threat severity: High, possibly Critical depending on usage > > == Regular web content (unauthenticated) == > Use cases for unauthenticated code: Same > > Authorization model for normal content: None? > > Authorization model for installed content: Implicit > > Potential mitigations: Airplane mode? > > == Privileged (approved by app store) == > Use cases for privileged code: Same > > Authorization model: Implicit > > Potential mitigations: Same > > == Certified (system-critical apps) == > Use cases for certified code: Do we use this API for any system-sensitive > operations, like app updates, payments, etc? > > Authorization model: Implicit > > Potential mitigations: Same > > __NOTOC__ > > _______________________________________________ > dev-webapps mailing list > [email protected] > https://lists.mozilla.org/listinfo/dev-webapps > -- Guillermo López [willyaranda]. Mozilla Reps Mentor. http://mozilla-hispano.org http://twitter.com/mozilla_hispano http://facebook.com/mozillahispano Certified Mozillian: https://mozillians.org/willyaranda _______________________________________________ dev-webapps mailing list [email protected] https://lists.mozilla.org/listinfo/dev-webapps
