177
edits
Changes
m
# * [[Apps/Security/Distribution|'''Secure Application Distribution''']].
# * [[Apps/Security/Enforcement|'''Application Permissions Enforcement''']].
# * [[Apps/Security/Permissions|'''Definition, management and presentation of the permissions to be enforced''']].
# * [[Apps/Security/StandardWebSecurity|'''Standard web security''']].
→Boot 2 Gecko App Security Model Discussion
There are four separate areas where security work is required. Each area is separate but inter-related. Each is '''required''' and cannot be ignored.
A level of trust must be established between all four parties: B2G developers, Application developers, users and stores.
This can '''only''' be done at the Operating System (kernel) level.
Examples include "app can access the IMEI number" and "app can make phone calls".
This is what is normally considered to be "the web" (XSS in AJAX etc.) and it still has a role to play in B2G.