A security model only considering packages seems not enough: As far as I can tell, there are 4 (or more) types of possible runnables on B2G:

0) Kernel, drivers (including virtual device drivers), CLI tools (including services), browser engine and (maybe) plug-ins.
1) Packed programs written in HTML/CSS/JS.
2) Installed non-local Web apps (including sites).
3) Non-installed Web apps (including sites).

(It seems all type 1 runnables can be implemented as type 2 or 0. Maybe we needn't treat them as a separate type.)

For type 0 & 1, a deployment mechanism like apt/yum works fine (and seems required for type 0). But for type 2 & 3, such a mechanism may not cover them. I'm afraid that many apps will be implemented as type 2 or 3 for smoothness of (re)deployment (and this is a huge advantage of web apps over native ones). So we still need to think about what to do when there is no package at all.

_______________________________________________
dev-security mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security
