WebAPI/Security/Idle: Difference between revisions
Jump to navigation
Jump to search
mNo edit summary |
Ptheriault (talk | contribs) No edit summary |
||
| Line 5: | Line 5: | ||
*Security discussion: https://groups.google.com/d/topic/mozilla.dev.webapps/Wxgz7_LKD40/discussion | *Security discussion: https://groups.google.com/d/topic/mozilla.dev.webapps/Wxgz7_LKD40/discussion | ||
Brief purpose of API: Notify an app if the user is idle | Brief purpose of API: Notify an app if the user is idle.<br> | ||
General Use Cases: Notify a web page is a user is idle (e.g. to change a status in an instant messaging program). | General Use Cases: Notify a web page is a user is idle (e.g. to change a status in an instant messaging program). | ||
| Line 13: | Line 12: | ||
**Signalling multiple windows at exactly the same time could correlate user identities and compromise privacy | **Signalling multiple windows at exactly the same time could correlate user identities and compromise privacy | ||
**Could be used by a workplace to monitor activity by monitoring system idle | **Could be used by a workplace to monitor activity by monitoring system idle | ||
Threat severity: Low | Threat severity: Low | ||
Authorization | {| border="1" class="wikitable" | ||
! Type | |||
! Use Cases | |||
! Authorization Model | |||
|- | |||
| Web Content || None || No access | |||
|- | |||
| Installed Web Apps || None || No access | |||
|- | |||
| Privileged Web Apps || None || No access | |||
|- | |||
| Certified Web Apps || Notify an app if the user is idle. || Implicit | |||
|} | |||
== | === Regular web content (unauthenticated) === | ||
Use cases for | Use cases for unauthenticated code: None. | ||
Authorization model for normal content: No Access. | |||
Authorization model: | *Installed Web Apps | ||
**Use cases for unauthenticated code: None. | |||
**Authorization model for normal content: No access. | |||
*Privileged (approved by app store) | |||
*Use cases for privileged code: None. | |||
**Authorization model: No access. | |||
Potential mitigations: | === Certified (system-critical apps) === | ||
Use cases for certified code: Notify an app if the user is idle <br> | |||
Authorization model: Implicit <br> | |||
Potential mitigations: Due to the privacy risks associated with this API, access is limited to certified applications. (See https://bugzilla.mozilla.org/show_bug.cgi?id=780507 for further detail). | |||
Revision as of 02:04, 24 September 2012
Name of API: Idle API
References:
- https://wiki.mozilla.org/WebAPI/IdleAPI
- Security discussion: https://groups.google.com/d/topic/mozilla.dev.webapps/Wxgz7_LKD40/discussion
Brief purpose of API: Notify an app if the user is idle.
General Use Cases: Notify a web page is a user is idle (e.g. to change a status in an instant messaging program).
Inherent threats:
- Privacy implications
- Signalling multiple windows at exactly the same time could correlate user identities and compromise privacy
- Could be used by a workplace to monitor activity by monitoring system idle
Threat severity: Low
| Type | Use Cases | Authorization Model |
|---|---|---|
| Web Content | None | No access |
| Installed Web Apps | None | No access |
| Privileged Web Apps | None | No access |
| Certified Web Apps | Notify an app if the user is idle. | Implicit |
Regular web content (unauthenticated)
Use cases for unauthenticated code: None. Authorization model for normal content: No Access.
- Installed Web Apps
- Use cases for unauthenticated code: None.
- Authorization model for normal content: No access.
- Privileged (approved by app store)
- Use cases for privileged code: None.
- Authorization model: No access.
Certified (system-critical apps)
Use cases for certified code: Notify an app if the user is idle
Authorization model: Implicit
Potential mitigations: Due to the privacy risks associated with this API, access is limited to certified applications. (See https://bugzilla.mozilla.org/show_bug.cgi?id=780507 for further detail).