Closed Bug 763965 Opened 7 years ago Closed 7 years ago

SecReview: Settings API - Exposure to Web

Categories

(mozilla.org :: Security Assurance, task)

task
Not set

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 841071

People

(Reporter: curtisk, Assigned: sicking)

References

()

Details

(Whiteboard: [action item])

SecReview Action Item bug
cjones/gal Do we want to expose anything at all right now to the web?
Yes, this is exposed to apps through settings-read/settings-write permissions.
Currently an app can either read or write all or 0 settings. Maybe that's not enough?

We were discussing a finer granularity. Maybe 2, 3 levels of granularity that mirror certified apps, trusted apps, untrusted apps. Or do we even need a huge matrix with a app:setting map?
Duping a 841071 since there is more movement there.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 841071
You need to log in before you can comment on or make changes to this bug.