177
edits
Changes
m
===Management of Permissions===
#A user can modify the permissions granted to a Web App at any time including granting or revoking privileges
#Permissions can be granted per application, or set globally in the Default Permission Policy (see below)
#Users need to be guided on the consequence of changing permissions, and protected from making choices which are insecure or which could disable their device (e.g. removing the permissions setting capability from the permissions web app)
#Permissions can be modified either through a permission manager application, or set through contextual actions (e.g. response to security prompts including "remember me" checkboxes or through behavior in some cases, e.g. user ignores a prompt five times in a minute, don't prompt again for an hour)
===Default Permission Policy===
Each B2G device has a default permissions policy which takes precedence over the app store. This is expected to contain rules for a subset of permissions.Its purpose is:
*for device manufacturers to set safe default limits for permissions
*for users to decide on global limits for permissions
For example, a default setting for location might be that even apps, which are granted access to location, must always ask the user. This could modify this policy to be more strict, and globally deny applications from accessing location information.
A user should be warned before they override the Default Permission Policy in an unsafe way.
no edit summary
#The user can choose to override store permissions (either granting or revoking privileges), but the store permissions should be safe for the user, and represent the minimum permissions the application needs to run.
#The store can also entrust other stores with the power to grant permissions (possibly a subset of permissions, or not privileged permissions)
=== Distribution / management of WebApps ===
== Requirements ==
===Management of Permissions===
#A user can modify the permissions granted to a Web App at any time including granting or revoking privileges
#Permissions can be granted per application, or set globally in the Default Permission Policy (see below)
#Users need to be guided on the consequence of changing permissions, and protected from making choices which are insecure or which could disable their device (e.g. removing the permissions setting capability from the permissions web app)
#Permissions can be modified either through a permission manager application, or set through contextual actions (e.g. response to security prompts including "remember me" checkboxes or through behavior in some cases, e.g. user ignores a prompt five times in a minute, don't prompt again for an hour)
===Default Permission Policy===
Each B2G device has a default permissions policy which takes precedence over the app store. This is expected to contain rules for a subset of permissions.Its purpose is:
*for device manufacturers to set safe default limits for permissions
*for users to decide on global limits for permissions
For example, a default setting for location might be that even apps, which are granted access to location, must always ask the user. This could modify this policy to be more strict, and globally deny applications from accessing location information.
A user should be warned before they override the Default Permission Policy in an unsafe way.
== Proposals ==
