Yea, I was thinking more of the bullying case which is something I don't think that Android and iOS apps have to deal with much currently. The option to remember allow/deny addresses the issue I believe.
Extremely hypothetical case. What if an app wants a permission but you only want to allow it for certain action? I don't think the current model could accommodate this. Chess app wants write access to store current game layout, and wants write access to store tracking information. I can't think of a good way to address this without a horrible user experience. You could also think of a situation where an app asks for a permissions for a relatively benign use, then escalating to abusing the permission. David Chan ----- Original Message ----- > From: "lkcl luke" <[email protected]> > To: "Adrienne Porter Felt" <[email protected]> > Cc: "David Chan" <[email protected]>, "Lucas Adamski" <[email protected]>, > [email protected], "David > Barrera" <[email protected]>, "ptheriault" <[email protected]>, > "Jim Straus" <[email protected]>, > "Jonas Sicking" <[email protected]>, [email protected], "Fabrice > Desré" <[email protected]>, > [email protected], "Mozilla B2G mailing list" <[email protected]> > Sent: Thursday, March 15, 2012 3:37:02 PM > Subject: Re: [b2g] OpenWebApps/B2G Security model > > 2012/3/15 lkcl luke <[email protected]>: > > > anyway, the point is that there are separate security requirements > > for: > > > > * the root frame (top-level one into which the top gaia HTML is > > loaded) > > * individual gaia apps (sub-iframes, one per app) > > * any gaia app that opens up a public-facing (URL-based) iframe - > > the > > browser app is one such > > * iframes *within* that iframe - as in "iframes that you normally > > think of iframes being used for". > > > > man that's as confusing as hell, but there simply isn't a glossary > > yet > > for describing this stuff and giving it some unique unambiguous > > terminology. > > > https://wiki.mozilla.org/Apps/Security#Concepts_to_be_given_Official_Definitions > > i added this section because even i'm finding it hard to keep track > of the concepts. it would be very useful to the clear discussion of > this topic to have some "official input" that creates some terms to > refer to the above, in terminology that the "Official" people dealing > with the B2G project are themselves familiar with. > > i'm struggling here somewhat because although i fully grok the > chrome > concept i don't actually use the term myself so don't _actually_ know > if "the chrome concept" is the correct way to refer to what *i* > understand is going on. > > argh.... :) > > *gloop*, *gloop*, drowning in definitions... > > l. > _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
