Closed Bug 1198456 Opened 9 years ago Closed 6 years ago

PowerManager.factoryReset should be moved in a different API

Categories

(Firefox OS Graveyard :: Gaia::System::Power Mgmt, defect)

Product:
Firefox OS Graveyard
Component:
Gaia::System::Power Mgmt
Platform:
ARM
Gonk (Firefox OS)
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: lamerstar, Unassigned)

Details

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:40.0) Gecko/20100101 Firefox/40.0
Build ID: 20150820180914

Steps to reproduce:

Gave power management permissions to an application


Actual results:

Got power management permissions


Expected results:

As the application can control the screen brightness, screen enabled and so on... It now also have the power to factory reset the phone. Don't get me wrong the functionality works. But the PowerManager API isn't the place for the factory reset method.

This could be a big issue once application starts using those APIs, nobody would expect that allowing an app to control the screen brightness, cpu sleeping and disable the screen could also factory reset the phone.

I'm not so certain how the factory reset is linked to power management too.
The `power` permission is only available for certified apps (see https://mxr.mozilla.org/mozilla-central/source/dom/apps/PermissionsTable.jsm#149), not for 3rd party ones.
I understand that right now, apps using those permissions probably need to be checked manually by people. Yet, the way B2G is designed, it should be possible for people to build their own market places. That said, it's not impossible that third parties will not check manually the code of every apps.

This could lead to other market place letting people submit apps that will factory reset phones randomly. Even the Mozilla Market Place isn't completely protected against that.
  Internal/Certified Apps: Such apps can currently only be pre-installed on the device, as chosen by the OEM.

Ah right, certified apps can't be installed from marketplaces apparently. I thought it worked as privileged apps.
This seems like a poor API choice -- I can see a movie or game app wanting to play with the screen brightness, or something like f.lux, and you certainly don't want to give it factory reset power. But since this is limited to certified (more or less "built-in") apps this isn't currently a security problem.
Group: b2g-core-security
Status: UNCONFIRMED → NEW
Ever confirmed: true
Firefox OS is not being worked on
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.