Jim Straus a écrit :
I definitely don't like the Android model. We'll have to figure out
exactly how to communicate permissions requests to users. On the other
hand, an appropriately vetted and signed app could be given permissions
implicitly in a permissions manifest, so the user doesn't
Hi,
I have some concerns toward the current B2G model at the OS/kernel
level, which I have discussed with various people already. I'd like to
raise awareness about these concerns and see if we currently have a
solution, or if a solution is really planned.
Note that the solution is likely to be
On Tue, 6 Mar 2012 18:28:15 -0800
Adrienne Porter Felt wrote:
For example, there is relatively little risk attached to
letting an app turn your Bluetooth on or off.
Are you nuts, how about a local app via qr code phishing switching
it on and then a stack exploit by a local attacker or
What's up with this?
http://www.symantec.com/security_response/writeup.jsp?docid=2012-020609-4221-99tabid=2
Already getting questions in the support arenas.
--
Jay Garcia - www.ufaq.org - Netscape - Firefox - SeaMonkey - Thunderbird
Mozilla Contribute Coordinator Team -
On 3/2/2012 4:27 PM, Lucas Adamski wrote:
Hi all,
We are actively working on opt-in activation for plugins, and have updated the
feature page listed here with our
thinking: https://wiki.mozilla.org/Opt-in_activation_for_plugins
This feature is intended to help with drive-by security issues
- Original Message -
From: Adam Barth abarth-mozi...@adambarth.com
To: ptheriault ptheria...@mozilla.com
Cc: dev-security@lists.mozilla.org, Mozilla B2G mailing list
dev-...@lists.mozilla.org, cjo...@mozilla.com
Sent: Tuesday, March 6, 2012 10:30:48 PM
Subject: Re: [b2g] B2G
- Original Message -
From: Guillaume Destuynder gdestuyn...@mozilla.com
To: Mozilla B2G mailing list dev-...@lists.mozilla.org
Cc: dev-security@lists.mozilla.org
Sent: Wednesday, March 7, 2012 11:18:41 AM
Subject: [b2g] B2G's kernel level permissions and reliability
Note that the
