Hi all,
I took a stab at summarizing some of the points made in the thread. The wiki
page can be found here
https://wiki.mozilla.org/Apps/Security
There is likely many things missing from the wiki page and the requirements are
probably incomplete. Please correct any errors I have made on positions you
argued for.
David Chan
----- Original Message -----
> From: "Chris Lee" <c...@mozilla.com>
> To: "lkcl luke" <luke.leigh...@gmail.com>
> Cc: dev-weba...@lists.mozilla.org, "Matthew S. Finifter"
> <finif...@cs.berkeley.edu>, dev-security@lists.mozilla.org,
> "Fabrice Desré" <fabr...@mozilla.com>, "Ben Francis" <b...@krellian.com>,
> "Lucas Adamski" <ladam...@mozilla.com>,
> "Mozilla B2G mailing list" <dev-...@lists.mozilla.org>, "Dean Landolt"
> <d...@deanlandolt.com>, "Adam Barth"
> <abarth-mozi...@adambarth.com>, "Jonas Sicking" <jo...@sicking.cc>, "Adrienne
> Porter Felt" <a...@berkeley.edu>, "Jim
> Straus" <jstr...@mozilla.com>
> Sent: Monday, March 12, 2012 10:04:29 AM
> Subject: Re: [b2g] Permissions model thoughts
>
> Hi all,
>
> The team will be putting together and documenting a proposal for the
> overall permissions/security/privacy model for B2G.
>
> At this time, the mailing list and email threads are to openly
> discuss ideas around what the overall team believes are key needs
> for this work.
>
> The goal is to work closely with the community and larger team to
> ensure we're not missing important requirements and then
> prioritize/focus on what needs to be built based on the timeline
> we've agreed upon with our partners.
>
> Feel free to ping me if you any specific questions on the
> roadmap/schedule.
>
> Thanks,
> Chris
>
>
> On Mar 11, 2012, at 6:48 AM, lkcl luke wrote:
>
> > On Sun, Mar 11, 2012 at 1:43 PM, Dean Landolt
> > <d...@deanlandolt.com> wrote:
> >
> >> Regardless of the prompts and dialogs chosen it's critical -- for
> >> both devs
> >> and laymen -- to be able to able to get quick access to a detailed
> >> list of
> >> capability grants for any given application from the application
> >> itself. And
> >> not just for b2g and mobile -- it should be right there with
> >> view-source,
> >> fundamental to gecko.
> >
> > again, it is worth repeating: this recommended requirement needs to
> > be FORMALLY PLACED onto an OFFICIAL DOCUMENT.
> >
> > could someone please for the love of god take responsibility for
> > that
> > task and actually make an announcement "we have created a wiki page
> > here {insert location} and are coordinating all requirements at
> > that
> > specific location".
> >
> > if you do not have anyone who is actually doing that nor does
> > anyone
> > have time to actually do so then it is indicative that the B2G
> > project
> > requires an additional funded post, paid for by the mozilla
> > foundation, doesn't it?
> >
> > you cannot leave something like the security model of the B2G
> > system
> > run along as an "arbitrary meandering path" that is completely
> > uncoordinated. it's too fundamental and critical to the success of
> > the project.
> >
> > l.
> > _______________________________________________
> > dev-b2g mailing list
> > dev-...@lists.mozilla.org
> > https://lists.mozilla.org/listinfo/dev-b2g
>
> _______________________________________________
> dev-webapps mailing list
> dev-weba...@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-webapps
>
_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security
