Updated proposal per comments. I ended up trying to reconcile the various points more than simply documenting them so please review carefully as I likely missed something. :)
Name of API: Screen Orientation Reference: bug 720794 bug 673922 Brief purpose of API: Get notification when screen orientation changes as well as lock the screen orientation Inherent threats: minor information leakage (device orientation), minor user inconvenience (lock device orientation) Threat severity: low per https://wiki.mozilla.org/Security_Severity_Ratings == Regular web content (unauthenticated) == Use cases for unauthenticated code: Prevent screen orientation from changing when playing a game utilizing device motion. Switch screen orientation when switching between different parts of an app (i.e. from playlist to video playback). API wise, this means detecting orientation and setting/locking orientation. Authorization model for normal content: implicit for detecting orientation, implicit for locking/setting orientation in fullscreen only Authorization model for installed content: implicit for both Potential mitigations: As mentioned, normal content can only set/lock orientation in fullscreen. Only top-level content can set/lock. == Trusted (authenticated by publisher) == Use cases for authenticated code: Same as unauthenticated Authorization model: implicit Potential mitigations: None == Certified (vouched for by trusted 3rd party) == Use cases for certified code: Same as above Authorization model: Same as above Potential mitigations: None On Apr 10, 2012, at 4:59 PM, Lucas Adamski wrote: > Here's the first API up for discussion. This should be pretty > straightforward so I hope to close out this discussion by > end of day Thursday (PDT). > > I'd like to keep this discussion on mozilla.dev.webapps, but I'll take > responses on other lists over silence. :) > > Name of API: Screen Orientation > Reference: bug 720794 bug 673922 > > Brief purpose of API: Get notification when screen orientation changes as > well as lock the screen orientation > > Inherent threats: minor information leakage (device orientation), minor user > inconvenience (lock device orientation) > > Threat severity: low per https://wiki.mozilla.org/Security_Severity_Ratings > > == Regular web content (unauthenticated) == > Use cases for unauthenticated code: Prevent screen orientation from changing > when playing a game utilizing device motion > Authorization model for normal content: implicit for detecting orientation, > explicit runtime for locking orientation > Authorization model for installed content: implicit for both > Potential mitigations: Orientation should remained locked only while focused. > > == Trusted (authenticated by publisher) == > Use cases for authenticated code: Same as unauthenticated > Authorization model: implicit > Potential mitigations: Orientation should remained locked only while focused. > > == Certified (vouched for by trusted 3rd party) == > Use cases for certified code: Same as above > Authorization model: implicit > Potential mitigations: none _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
