When ConnectA2 try to attach an image from camera, something the camera will take a long time. If connectA2 can group apps in activities chains as bug 982491, it could be better. Now only certified app can use activities chains, but connectA2 is privileged type. Is there any concern to allow privileged type apps to use activities chains?
Created attachment 8462974 [details] [diff] [review] gecko_allow_privileged.patch Fabrice, Could you have a look to this patch? Is it reasonable to allow privileged app to use activities chains? Thanks!
Attachment #8462974 - Flags: feedback?(fabrice)
Tim, Do you have any concern about allow privileged type app to group apps in activities chains?
I do, but I don't think there is any alternative either.
Flags: needinfo?(timdream) → needinfo?(ptheriault)
Comment on attachment 8462974 [details] [diff] [review] gecko_allow_privileged.patch Review of attachment 8462974 [details] [diff] [review]: ----------------------------------------------------------------- I really don't think we can run apps with different privilege levels in the same process. But we need the security people to weight in.
Attachment #8462974 - Flags: feedback?(fabrice) → feedback-
I cannot reproduce this issue on my tarako device with same SD content. kai-zhen, could you help to co-work with partner then try to provide STR and check cpu/memory usage?
This issue is not easy to reproduce. Today partner can't reproduce it too. I'll collect the cpu/memory usage when it happened again.
I don't know what activity chains are, but from I can tell it allows an app to open a web activity in its own process or something like that. Do activity chains actually result in new permissions being granted to a process? I assume so, otherwise things like the camera picker wouldn't work. So basically +1 to what Fabrice said - if we allowed ConnectA2 to open the camera app to choose a photo in it's process, we would need to grant that process the permissions needed to run the camera app, which breaks our security model. Two possible solutions: - Camera permission is available to privileged - can we just implement a library version of the camera picker that they can include in their app? - (complex and probably bad idea): allow same process activities, so long as the app initiating the activity is the same or higher app type than the handler, and contains all of the permissions of the handler (ie dont grant new permissions).
Since this is not a security bug in shipping product we don't really need to hide this. If you feel we need to hide it because the code we're GOING to add is adding a vulnerability then we should not add the code, not hide it.
I think bug 1050181 is linked with this problem. What do you think? Juanma
Firefox OS is not being worked on
Status: NEW → RESOLVED
Last Resolved: 14 days ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.