Hi all, I took a stab at summarizing some of the points made in the thread. The wiki page can be found here https://wiki.mozilla.org/Apps/Security
There is likely many things missing from the wiki page and the requirements are probably incomplete. Please correct any errors I have made on positions you argued for. David Chan ----- Original Message ----- > From: "Chris Lee" <c...@mozilla.com> > To: "lkcl luke" <luke.leigh...@gmail.com> > Cc: dev-weba...@lists.mozilla.org, "Matthew S. Finifter" > <finif...@cs.berkeley.edu>, dev-security@lists.mozilla.org, > "Fabrice Desré" <fabr...@mozilla.com>, "Ben Francis" <b...@krellian.com>, > "Lucas Adamski" <ladam...@mozilla.com>, > "Mozilla B2G mailing list" <dev-...@lists.mozilla.org>, "Dean Landolt" > <d...@deanlandolt.com>, "Adam Barth" > <abarth-mozi...@adambarth.com>, "Jonas Sicking" <jo...@sicking.cc>, "Adrienne > Porter Felt" <a...@berkeley.edu>, "Jim > Straus" <jstr...@mozilla.com> > Sent: Monday, March 12, 2012 10:04:29 AM > Subject: Re: [b2g] Permissions model thoughts > > Hi all, > > The team will be putting together and documenting a proposal for the > overall permissions/security/privacy model for B2G. > > At this time, the mailing list and email threads are to openly > discuss ideas around what the overall team believes are key needs > for this work. > > The goal is to work closely with the community and larger team to > ensure we're not missing important requirements and then > prioritize/focus on what needs to be built based on the timeline > we've agreed upon with our partners. > > Feel free to ping me if you any specific questions on the > roadmap/schedule. > > Thanks, > Chris > > > On Mar 11, 2012, at 6:48 AM, lkcl luke wrote: > > > On Sun, Mar 11, 2012 at 1:43 PM, Dean Landolt > > <d...@deanlandolt.com> wrote: > > > >> Regardless of the prompts and dialogs chosen it's critical -- for > >> both devs > >> and laymen -- to be able to able to get quick access to a detailed > >> list of > >> capability grants for any given application from the application > >> itself. And > >> not just for b2g and mobile -- it should be right there with > >> view-source, > >> fundamental to gecko. > > > > again, it is worth repeating: this recommended requirement needs to > > be FORMALLY PLACED onto an OFFICIAL DOCUMENT. > > > > could someone please for the love of god take responsibility for > > that > > task and actually make an announcement "we have created a wiki page > > here {insert location} and are coordinating all requirements at > > that > > specific location". > > > > if you do not have anyone who is actually doing that nor does > > anyone > > have time to actually do so then it is indicative that the B2G > > project > > requires an additional funded post, paid for by the mozilla > > foundation, doesn't it? > > > > you cannot leave something like the security model of the B2G > > system > > run along as an "arbitrary meandering path" that is completely > > uncoordinated. it's too fundamental and critical to the success of > > the project. > > > > l. > > _______________________________________________ > > dev-b2g mailing list > > dev-...@lists.mozilla.org > > https://lists.mozilla.org/listinfo/dev-b2g > > _______________________________________________ > dev-webapps mailing list > dev-weba...@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-webapps > _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security