Closed
Bug 773117
(app-blocklisting)
Opened 12 years ago
Closed 6 years ago
Blocklisting for apps
Categories
(Firefox OS Graveyard :: General, defect)
Firefox OS Graveyard
General
Tracking
(blocking-kilimanjaro:+, blocking-basecamp:-)
RESOLVED
WONTFIX
People
(Reporter: ladamski, Unassigned)
References
Details
(Keywords: feature, sec-want, Whiteboard: [WebAPI:P3][LOE:S])
We need to figure out a blocklisting mechanism for apps. Note that it will probably have to be different for web installed vs trusted/certified apps.
|
Reporter | |
Updated•12 years ago
|
Group: webtools-security
|
|
Reporter | |
Updated•12 years ago
|
blocking-basecamp: --- → ?
blocking-kilimanjaro: --- → ?
|
|
Reporter | |
Updated•12 years ago
|
Product: Web Apps → Boot2Gecko
|
||
Updated•12 years ago
|
blocking-basecamp: ? → +
blocking-kilimanjaro: ? → +
Assignee: nobody → ladamski
|
|
Reporter | |
Updated•12 years ago
|
Blocks: basecamp-updates
|
||
Updated•12 years ago
|
Whiteboard: [WebAPI:P3]
|
|
Reporter | |
Comment 1•12 years ago
|
||
Here's the strategy, such as it is for basecamp: a) certified apps: we push out a gecko update with fixes to the affected app b) privileged apps: we push out an update containing an "I'm sorry but this app has been disabled due to ..." shim. c) web installed apps: we can pull them from the app store but not really revoke them on the device directly. Unfortunately AFAIK we also don't yet have SafeBrowsing support. The latter arguably is a better solution anyway.
Whiteboard: [WebAPI:P3] → [WebAPI:P3][LOE:S]
I don't think we'll have time to do this before feature freeze. We can always fake this by pushing an update which disables the app.
blocking-basecamp: + → -
Crap, I hadn't seen comment 1 when I made comment 2. So do you agree that there is no work that's needed to be done in Gecko/Gaia for v1 then? Should we file a separate bug on the marketplace for doing whatever they need to do in order to make comment 1 possible? I.e. put it into our policy that we have the right to push such an update, and possibly prepare code so that we can execute quickly if needed?
|
|
||
Updated•12 years ago
|
Alias: app-blocklisting
|
|
Reporter | |
Comment 4•12 years ago
|
||
Yeah I don't think there's anything meaningful we can do for 1.0 on the client side. Filing a bug against Marketplace is a good idea.
|
|
Reporter | |
Updated•11 years ago
|
Assignee: ladamski → nobody
|
||
Comment 5•6 years ago
|
||
Firefox OS is not being worked on
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•