Closed Bug 763965 Opened 12 years ago Closed 11 years ago

SecReview: Settings API - Exposure to Web

Tracking

(Not tracked)

Status:

RESOLVED DUPLICATE of bug 841071

People

(Reporter: curtisk, Assigned: sicking)

References

(
URL
)

Details

(Whiteboard: [action item])

Curtis Koenig [:curtisk-use curtis.koenig+bzATgmail.com]]

Reporter

Description

•

12 years ago

SecReview Action Item bug
cjones/gal Do we want to expose anything at all right now to the web?

Chris Jones [:cjones] inactive; ni?/f?/r? if you need me

Comment 1

•

12 years ago

Yes, this is exposed to apps through settings-read/settings-write permissions.

Gregor Wagner [:gwagner]

Comment 2

•

12 years ago

Currently an app can either read or write all or 0 settings. Maybe that's not enough?

We were discussing a finer granularity. Maybe 2, 3 levels of granularity that mirror certified apps, trusted apps, untrusted apps. Or do we even need a huge matrix with a app:setting map?

Paul Theriault [:pauljt] (no longer reading bugmail)

Comment 3

•

11 years ago

Duping a 841071 since there is more movement there.

Status: NEW → RESOLVED

Closed: 11 years ago

Resolution: --- → DUPLICATE

Paul Theriault [:pauljt] (no longer reading bugmail)

Updated

•

11 years ago

Depends on: 846200

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

SecReview: Settings API - Exposure to Web

Categories

(mozilla.org :: Security Assurance, task)

Tracking

(Not tracked)

People

(Reporter: curtisk, Assigned: sicking)

References

(
URL
)

Details

(Whiteboard: [action item])

Crash Data

Security

(public)

User Story

Description

Comment 1

Comment 2

Comment 3

Updated