I haven't seen any comments on this for a while so I'll be closing this out and posting on Friday. Please send any last comments before noon PDT. Thanks! Lucas.
On Apr 15, 2012, at 11:18 PM, Lucas Adamski wrote: > Please reply-to [email protected] > > Name of API: Resource Lock API > Reference: https://bugzilla.mozilla.org/show_bug.cgi?id=697132 > > Brief purpose of API: Prevent the screen from being dimmed or switched off > General Use Cases: Request a lock to stop the screen from being dimmed, even > if the user is idle (eg. watching a movie) > > Inherent threats: Drain power, annoyances > > Threat severity: Low > > == Regular web content (unauthenticated) == > Use cases for unauthenticated code: Same as General > Authorization model for normal content: Explicit > Authorization model for installed content:Implicit > Potential mitigations: > > == Trusted (authenticated by publisher) == > Use cases for authenticated code: Same as General > Authorization model: > Potential mitigations: > > == Certified (vouched for by trusted 3rd party) == > Use cases for certified code: Same as General > Authorization model: > Potential mitigations: > _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
