[Grrr. Silly tbird messing up quotes below... Resent because direct
posting from Emacs/Gnus keeps getting flagged as needing moderator approval]
>There _is_ a more powerful capability that we may want to have available to
>a small handful of apps: "turn on the camera at some indefinite time in the
>future, without user interaction at the time". The only use case I can
>think of for that is an anti-device-theft system (turn on the camera, GPS,
>etc. remotely and try to figure out where the device is - I understand
>iPhones can do this), and maybe that should just be built into the TCB
>rather than being an add-on. But this does point at a general hole in the
>implicit authorization model: you can't use it to grant authorization to do
>something under programmatic conditions at some time in the future. Maybe
>there could be a special scheduler powerbox for that, though.
That need is exactly what some WebRTC apps need (think VoIP-like service
- replacement for Skype, Google Hangouts where you want
user-controlled/styled answer/call/etc. buttons - you get the idea).
Users will not want to go through a security request on each call, and
app developers will not want to have "fixed" call/end buttons they can't
style (and I don't think this works anyways).

This *is* a dangerous ability to give, though it's equivalent to what
users grant Skype or WebEx or Hangouts already by installing them
(perhaps less, actually).
--
Randell Jesup, Mozilla Corp
remove ".news" for personal email