Closed Bug 823691 Opened 11 years ago Closed 11 years ago

We should catch bad permissions in the manifest during validation


(Marketplace Graveyard :: Validation, defect)

Not set


(Not tracked)



(Reporter: krupa.mozbugs, Assigned: basta)


I found a packaged app which upon installation would throw this JS error

12-20 20:48:24.533 E/GeckoConsole(  109): [JavaScript Error: "PermissionsInstaller.jsm: 'device-storage' is not a valid Webapps permission name." {file: "resource://gre/modules/PermissionsInstaller.jsm" line: 122}]

We should be more stringent during validation and not allow bad persmissions in the manifest.
I like this idea.  Jonas - is there any reason not to keep a list of the permissions in the validator and reject apps asking for something not on the list?
Nope, it would be great if we enforce this on the marketplace side! We should definitely not sign any package where there are permissions that don't (yet) have a meaning.
Assignee: nobody → mattbasta
Target Milestone: --- → 2013-01-03
The validator originally did this, but we decided about three months ago not to because the docs don't keep up with the implementation (and we're generally slow to update the validator), meaning folks were getting spurious warnings that the permissions they were using weren't valid permissions.

Are you sure that we should reverse this? Is the cost of being a few weeks out of date worth the extra strictness in the long run?
The set of permissions is now pretty stable. Definitely stable enough that being a few weeks out won't be a big deal.

We really should never sign an app which contains permissions that we don't understand since that can have unknown security implications for the end user. So if we don't catch this in the validator, we should definitely make sure it gets caught during review.
Closed: 11 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.