177
edits
Changes
m
=== Permissions manager ===* User can deny permissions at install time* User can always go to manager to see what permissions an app has been granted* User can modify permissions through the manager* Certain APIs are defined as "sensitive"** Sensitive APIs will request "capabilities" e.g. access USB, access wifi* Levels of access for capabilities** Allow** Prompt (default to remember)** Prompt (default to not remember)** Deny*** There were concerns that the levels should only be Allow/Deny* Contractual enforcement of permissions** WidgetInc may come to Mozilla (telco) with request for access to sensitive APIs** Mozilla (telco) may draft a contract with WidgetInc giving them access to the sensitive APIs under certain conditions* WebApps may be granted default permissions** e.g. access to storage, access to change context menu* capabilities may be restricted based on technical restrictions of the site** e.g. strict-transport security, EV-certificate
no edit summary
==== Kernel permissions manager ====
== Proposals ==
=== Permissions manager ===* User can deny permissions at install time* User can always go to manager to see what permissions an app has been granted* User can modify permissions through the manager* Certain APIs are defined as "sensitive"** Sensitive APIs will request "capabilities" e.g. access USB, access wifi* Levels of access for capabilities** Allow** Prompt (default to remember)** Prompt (default to not remember)** Deny*** There were concerns that the levels should only be Allow/Deny* Contractual enforcement of permissions** WidgetInc may come to Mozilla (telco) with request for access to sensitive APIs** Mozilla (telco) may draft a contract with WidgetInc giving them access to the sensitive APIs under certain conditions* WebApps may be granted default permissions** e.g. access to storage, access to change context menu* capabilities may be restricted based on technical restrictions of the site** e.g. strict-transport security, EV-certificate
= Standard web security =
