Open
Bug 1589685
Opened 5 years ago
Updated 2 years ago
Use StoragePrincipal for deviceId (and potentially QuotaManager if not used)
Categories
(Core :: WebRTC, enhancement, P3)
Core
WebRTC
Tracking
()
NEW
People
(Reporter: annevk, Unassigned, NeedInfo)
References
(Blocks 1 open bug)
Details
Per discussion with Jan-Ivar, StoragePrincipal is not used for deviceId at the moment which would allow circumventing some storage policies potentially.
In particular, if a user uses top-level A and A nested in top-level B (with B delegating permission once we have Feature Policy) the two As should probably not get to bypass StoragePrincipal separation even if they both have a WebRTC permission.
Flags: needinfo?(jib)
Comment 1•5 years ago
|
||
Very good point, happy to help integrate this with storage principal.
Comment 2•4 years ago
|
||
Jib, can you please follow up on the above?
Type: defect → enhancement
Priority: -- → P3
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•