Open
Bug 1589685
Opened 6 years ago
Updated 1 year ago
Use StoragePrincipal for deviceId (and potentially QuotaManager if not used)
Categories
(Core :: WebRTC, enhancement, P3)
Core
WebRTC
Tracking
()
NEW
People
(Reporter: annevk, Unassigned)
References
(Blocks 1 open bug)
Details
Per discussion with Jan-Ivar, StoragePrincipal is not used for deviceId at the moment which would allow circumventing some storage policies potentially.
In particular, if a user uses top-level A and A nested in top-level B (with B delegating permission once we have Feature Policy) the two As should probably not get to bypass StoragePrincipal separation even if they both have a WebRTC permission.
Flags: needinfo?(jib)
|
||
Comment 1•6 years ago
|
||
Very good point, happy to help integrate this with storage principal.
|
||
Comment 2•6 years ago
|
||
Jib, can you please follow up on the above?
Type: defect → enhancement
Priority: -- → P3
|
||
Updated•3 years ago
|
Severity: normal → S3
|
||
Updated•1 year ago
|
Flags: needinfo?(jib)
Priority: P3 → P2
|
|
||
Updated•1 year ago
|
Priority: P2 → P1
|
||
Updated•1 year ago
|
Blocks: webrtc-triage
Priority: P1 → P3
|
|
||
Comment 3•1 year ago
|
||
smaller issue now that more privacy oriented enumerate devices shipped.
No longer blocks: webrtc-triage
You need to log in
before you can comment on or make changes to this bug.
Description
•