Closed
Bug 805240
Opened 13 years ago
Closed 12 years ago
Importing contacts from facebook requires too many permissions
Categories
(Firefox OS Graveyard :: Gaia::Contacts, defect)
Tracking
(blocking-b2g:tef+, blocking-basecamp:-, b2g18 verified, b2g18-v1.0.0 wontfix, b2g18-v1.0.1 verified)
VERIFIED
FIXED
People
(Reporter: mossop, Assigned: jmcf)
References
Details
(Keywords: b2g-testdriver, unagi, Whiteboard: Need_FB_Support)
Attachments
(2 files)
When importing contacts from facebook I have to agree to a ridiculous number of permissions
Which ones specifically?
Comment 2 (Reporter) • 13 years ago
At a guess ... all of them. This is a screenshot from facebook showing all the permissions the app got. I don't understand why it needs any of it except things from friends profile info.
Updated (Reporter) • 13 years ago
Summary: Important contacts from facebook requires too many permissions → Importing contacts from facebook requires too many permissions
Ah, you're talking about facebook permissions, not b2g permissions.
I think this is Jose's code?
Not sure if this is a blocker or not.
Tom: Do you have opinions?
Assignee: nobody → jmcf
blocking-basecamp: --- → ?
Comment 4 • 13 years ago
This is being discussed also in bug 804031
Comment 5 • 13 years ago
Marking this bug to block bug 804031. Adding needInfo to privacy team. We need a decision there if this is something we are blocking v1 or not.
Blocks: 804031
Flags: needinfo?(tom)
Comment 6 • 13 years ago
Suggestion: this is not a privacy blocker, but may instead be a usability or security blocker.
As long as we don't actually *use* any of these permissions, I don't think it's a privacy problem per se. However, the fact that we ask for them looks like a huge usability & adoption issue; I'd certainly be scared if I saw that, and might well not want to continue.
In addition, if a user accepts this, I assume that we get a token of some sort which has the authority to do these things. If that's stored on the phone, then there's the risk that some nefarious actor might get the token and use all those permissions. That would obviously be a privacy disaster, but as a result of a security vulnerability.
Flags: needinfo?(tom)
Comment 7 • 13 years ago
+1 on this, just saw this and denied the import. This needs to be better thought through for security purposes.
Comment 8 • 13 years ago
Per triage: not considered blocking, given privacy team feedback. Working on getting a sec team response for this. We'd like to see this fixed, but it's not considered inherently harmful at this time.
blocking-basecamp: ? → -
Comment 9 • 13 years ago
Excuse the drive-by, but my take on this (as a 'security person') is that we shouldn't request permissions we don't need.
There are (at least) 2 reasons for this:
1) In the event that whatever we're doing is open to abuse, the impact is minimised (think Principle of Least Privilege)
2) Legitimate apps asking users for everything, all of the time, would seem to desensitize people to malicious apps that do the same - I can't support this with actual data, but it's a common argument in criticisms of Android, for example.
Comment 10 • 13 years ago
We have raised concerns in the past about Mozilla authored apps that have too much access to personal data on 3rd party sites like FB in the past, and while I agree with Tom's comments about this only being a privacy issue if there is a security bug, we need to rein in the permissions the app is requesting from FB.
Paul, David, other than adjusting the permissions the app is looking for on the call to facebook, is there anything else needed here?
Comment 11 • 13 years ago
According to Daniel from TEF:
"Yeah, we need to have a look at the permissions used. The FB integration lead engineer has been on Holidays this week. Hope he can review the permissions next one. I am pretty sure we will need a more meaningful application key and set of permissions requested when going live to production."
Comment 12 (Assignee) • 13 years ago
I have checked the requested permissions and those really needed and we can request less as wall post and messaging are done through FB Dialogs. I have changed them but the message for the user remains the same. I need to contact FB about this issue.
Updated (Assignee) • 13 years ago
Status: NEW → ASSIGNED
Updated • 13 years ago
Component: Gaia → Gaia::Contacts
Comment 13 (Assignee) • 13 years ago
FB was granting all those permissions for our app as it is whitelisted. FB is going to grant only those permissions which are really needed. We are awaiting the fix on their side.
Updated (Assignee) • 13 years ago
Whiteboard: Need_FB_Support
Updated • 13 years ago
blocking-basecamp: - → ?
Comment 15 • 13 years ago
Not blocking, outside of our code scope. Individual issues of the FB integration that we *can* affect should be filed as separate issues out of the review in bug 804031.
blocking-basecamp: ? → -
Comment 16 • 13 years ago
(In reply to Jose M. Cantera from comment #13)
> FB was granting all those permissions for our app as it is whitelisted. FB
> is going to grant only those permissions which are really needed. We are
> awaiting the fix on their side
Jose, can you confirm if this fix has been implemented and if not, could you please follow up asap?
Flags: needinfo?(jmcf)
Comment 17 (Assignee) • 13 years ago
As I said to you privately, we are going to reiterate our request to Facebook for fixing this. It is a must
thanks!
Flags: needinfo?(jmcf)
Comment 18 (Assignee) • 12 years ago
After talking to FB. We are close to resolving this. ETA is next week (starting 18/02)
Comment 19 (Assignee) • 12 years ago
The patch adjusts the requested permissions to only those which are really needed. In addition Facebook has adjusted their platform to only whitelist us for certain permissions.
Once we get an r+ this patch should be also landing in v1-train and v1.0.1
Attachment #715918 -
Flags: review?(crdlc)
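Comments 13 and 19 describe a gap between the permissions the app requests and the permissions the platform actually grants. The following is an added example, not the Gaia patch or any Mozilla code, of a post-login check that compares the two. It assumes the two response shapes Facebook's Graph API has used for `/me/permissions`; the permission names and the `NEEDED` list are illustrative and not taken from this bug.

```javascript
// Assumed minimum for a contact import (illustrative names, not from the patch).
const NEEDED = new Set(['friends_about_me', 'friends_birthday', 'friends_location']);

// Normalise a /me/permissions body into Map(name -> 'granted' | 'declined').
// Legacy shape: {data: [{perm: 1, ...}]}; later shape: {data: [{permission, status}]}.
function parsePermissions(body) {
  if (!body || !Array.isArray(body.data)) {
    throw new TypeError('unexpected permissions response');
  }
  const out = new Map();
  for (const entry of body.data) {
    if (entry === null || typeof entry !== 'object') continue;
    if (typeof entry.permission === 'string') {
      out.set(entry.permission, entry.status === 'granted' ? 'granted' : 'declined');
      continue;
    }
    for (const [name, flag] of Object.entries(entry)) {
      if (name === 'installed') continue; // install marker, not a permission
      out.set(name, flag === 1 ? 'granted' : 'declined');
    }
  }
  return out;
}

// Report anything granted beyond the needed set, and anything needed but absent.
function auditGrant(body, needed = NEEDED) {
  const perms = parsePermissions(body);
  const granted = [...perms].filter(([, s]) => s === 'granted').map(([n]) => n);
  const excess = granted.filter((n) => !needed.has(n)).sort();
  const missing = [...needed].filter((n) => perms.get(n) !== 'granted').sort();
  return { ok: excess.length === 0 && missing.length === 0, excess, missing };
}

// Constructed sample: three permissions requested, platform-side grant is wider.
const SAMPLE_WHITELISTED = { data: [{ installed: 1, friends_about_me: 1,
  friends_birthday: 1, friends_location: 1, publish_stream: 1, read_mailbox: 1 }] };
// Constructed sample: grant trimmed to what the import needs.
const SAMPLE_TRIMMED = { data: [
  { permission: 'friends_about_me', status: 'granted' },
  { permission: 'friends_birthday', status: 'granted' },
  { permission: 'friends_location', status: 'granted' },
  { permission: 'read_mailbox', status: 'declined' }] };

console.log(auditGrant(SAMPLE_WHITELISTED));
console.log(auditGrant(SAMPLE_TRIMMED));
```

Running the check against the stored token after login, rather than trusting the requested scope string, is what surfaces a platform-side grant that is wider than the request.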
Updated (Assignee) • 12 years ago
blocking-b2g: --- → tef?
Comment 20 • 12 years ago
Comment on attachment 715918 [details]
Pointer to GH PR
I deleted the app from my Facebook account and works fine, thanks
Attachment #715918 -
Flags: review?(crdlc) → review+
Comment 21 • 12 years ago
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Comment 22 • 12 years ago
Marking as blocker so this low risk fix can land without approval when ready to v1-train and v1.0.1
blocking-b2g: tef? → tef+
Comment 23 • 12 years ago
v1-train@46d43c65b3bb29f8da61b4fc30f11eac401fb072
v1.0.1@b60ff85c8f7bb9bf6a76620e969ae1097e185f2c
Bug 853195 noted, FTE portion can't be checked due to bug 852598.
Gecko http://hg.mozilla.org/releases/mozilla-b2g18_v1_0_1/rev/e74dafa6b2d9
Gaia 1438da6ca0e020a8df686e2100a668370dfe6fb6
BuildID 20130312230202
Version 18.0
Gecko http://hg.mozilla.org/releases/mozilla-b2g18/rev/778da49486f0
Gaia 6c3767c2dea43b5e9aff7d156d36d69649005621
BuildID 20130320070206
Version 18.0
Status: RESOLVED → VERIFIED