Confirmed users
717
edits
WebAPI/Security/Settings: Difference between revisions
Jump to navigation
Jump to search
no edit summary
No edit summary |
|||
| Line 1: | Line 1: | ||
Name of API: Settings API | Name of API: Settings API | ||
References: | |||
*https://bugzilla.mozilla.org/show_bug.cgi?id=678695 | |||
*Security discussion: https://groups.google.com/d/topic/mozilla.dev.webapps/jkzLINWWiQA/discussion | |||
Brief purpose of API: API to configure device settings | Brief purpose of API: API to configure device settings | ||
General Use Cases: None | General Use Cases: None | ||
Inherent threats: | Inherent threats: | ||
*Access sensitive configuration data ( | *Access sensitive configuration data (WiFi passwords etc) | ||
*Change settings which might cost user money (data settings, roaming etc) | *Change settings which might cost user money (data settings, roaming etc) | ||
*Privacy implications | *Privacy implications | ||
| Line 13: | Line 16: | ||
== Regular web content (unauthenticated) == | == Regular web content (unauthenticated) == | ||
Use cases for unauthenticated code: Read/change non-sensitive settings | |||
Authorization model for normal content: None | |||
Authorization model for installed content: Implicit read access to limited settings. Write access via web intents. | |||
Potential mitigations: Only non-sensitive settings will be exposed to regular apps. | |||
== Privileged (approved by app store) == | |||
Use cases for authenticated code: Modify a specific setting - e.g. e-book app modifies brightness in response to lighting conditions | |||
Authorization model: Implicit | |||
Potential mitigations: Access to a subset of lower risk settings | |||
== Certified (system-critical apps) == | |||
Use cases for certified code: replacement settings manager app | |||
Authorization model: Implicit access to all settings | |||
Potential mitigations: None | |||