WebAPI/Security/Background

From MozillaWiki

Name of API: Background API

Reference:
http://groups.google.com/group/mozilla.dev.webapi/browse_thread/thread/3455cb056e40d095
http://groups.google.com/group/mozilla.dev.webapps/browse_thread/thread/f54c52d015d90fd3

Brief purpose of API: Allow applications to request to remain running in the background. It is not intended for pure background services.

General Use Cases: Navigation app continuing to run and provide driving prompts from the background.

Inherent threats: Resource utilization

Threat severity: Low by itself. Could raise the security concerns of other APIs.

Regular web content (unauthenticated)

Use cases for unauthenticated code: Streaming radio station wants to continue to play in the background.

Authorization model for normal content: Implicit

Authorization model for installed content: Implicit

Potential mitigations:

Trusted (authenticated by publisher)

Use cases for trusted code: Implicit

Potential mitigations:

Certified (vouched for by trusted 3rd party)

Use cases for certified code:

Authorization model: Implicit

Potential mitigations:

Notes

This is an API that content can use to request to remain in the background and not be cleaned up. It could accentuate the security concerns of other APIs (for example, an app with Camera permission could be more of a security risk if it can continue recording out of sight of the user), but it is not a security risk itself. The App Review Policy should note this so that reviewers keep it in mind.