Closed
Bug 1035916
Opened 10 years ago
Closed 8 years ago
Protect against overriding certified apps to prevent access to certified data
Categories
(Core Graveyard :: DOM: Apps, defect)
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: arroway, Assigned: fabrice)
References
Details
(Keywords: sec-moderate)
A certified/privileged app having the same origin as an already installed certified app (such as email, for example) can be installed and access certified data.
Comment 1•10 years ago
Isn't that expected/desired behavior? We don't have any way to prove an app's origin, and if you're sideloading certified apps you're kind of rooting the device (one of the reasons we didn't want to allow it originally).
Flags: needinfo?(ptheriault)
Comment 2•10 years ago
Stephanie - what is the difference between this and bug 1019714? This is basically what I meant when I raised 1019714, and I have replied as such.
Technically when you update an app you reinstall it, so we have to allow this behavior to some extent.
Flags: needinfo?(ptheriault) → needinfo?(stephouillon)
Comment 3•10 years ago
Oh, do you mean installed, as distinct from 'sideloaded'? If so then it's really up to marketplace controls I think, isn't it?
Reporter
Comment 4•10 years ago
Paul, Fabrice asked me to assign him this bug in Core DOM:Apps to fix this on the core side. It makes sense to add the protection there for *.gaiamobile.org apps instead of in the devtools to have better coverage.
Unless there's a subtlety that was overlooked?
Flags: needinfo?(stephouillon)
Comment 5•10 years ago
Fabrice: is this a dupe of bug 1019714 or did you mean this bug to cover some different aspect of what you're fixing there?
Assignee
Comment 6•10 years ago
(In reply to Daniel Veditz [:dveditz] from comment #5)
> Fabrice: is this a dupe of bug 1019714 or did you mean this bug to cover
> some different aspect of what you're fixing there?
I thought that we would need a patch on the devtools side and one on the dom/apps side, hence the two bugs. I talked with Paul & Stéphanie yesterday and we agreed to prevent anyone from installing or sideloading an app with a *.gaiamobile.org origin, so I will make that happen here.
Updated•10 years ago
Keywords: sec-moderate
Comment 7•10 years ago
I think this bug is actually solved by the solution to 1019714. Instead of blocking installing apps with gaiamobile.org in the name, Alex added a "sideloaded" attribute to apps that have been sideloaded. Now you can only replace apps that have been sideloaded.
That's right, isn't it, Alex? (i.e. you can't override certified apps since they are not marked as sideloaded)
Re: Fabrice's comment, IIUC the patch in 1019714 has both the devtools and webapps.jsm changes.
Flags: needinfo?(poirot.alex)
Comment 8•10 years ago
(In reply to Paul Theriault [:pauljt] from comment #7)
> I think this bug is actually solved by the solution to 1019714. Instead of
> blocking installing apps with gaiamobile.org in the name, Alex added a
> "sideloaded" attribute to apps that have been sideloaded. Now you can only
> replace apps that have been sideloaded.
>
> That's right, isn't it, Alex? (i.e. you can't override certified apps since they
> are not marked as sideloaded)
Yes, when using devtool actors.
>
> Re: Fabrice's comment, IIUC the patch in 1019714 has both the devtools
> and webapps.jsm changes.
But bug 1019714's patch only prevents devtools overrides.
I don't know how we could overload gaiamobile.org apps via dom/apps API.
Flags: needinfo?(poirot.alex)
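The two install-time rules discussed in comments 6 and 7 (refuse any *.gaiamobile.org origin outright; or allow an incoming app to replace an installed app with the same origin only if the installed one was itself sideloaded), written out as an added illustrative example. This is not webapps.jsm, Gaia or devtools code and does not claim to be what bug 1019714 shipped (comment 8 notes that patch only guarded devtools actors, and this bug was closed WONTFIX): the registry layout, the `sideloaded` flag, the function names and the sample entries are all assumptions made for the example.

```javascript
// Added illustrative example, not Firefox OS / Gaia / webapps.jsm code.
// Assumptions: an in-memory registry keyed by manifest URL, an `origin`
// string per app, and a boolean `sideloaded` flag on apps pushed via devtools.

// Lowercase host of an origin, or null if the URL parser rejects it.
// Lowercasing matters because app:// is not a "special" scheme for the
// WHATWG URL parser, so the host is kept verbatim and "app://EMAIL.gaiamobile.org"
// would otherwise compare unequal to "app://email.gaiamobile.org".
function hostOf(origin) {
  try {
    const host = new URL(origin).hostname;
    return host ? host.toLowerCase() : null;
  } catch (e) {
    return null;
  }
}

// Canonical "scheme//host" key used for origin comparisons, or null.
function originKey(origin) {
  const host = hostOf(origin);
  if (host === null) return null;
  return `${new URL(origin).protocol}//${host}`;
}

// Constructed sample registry (made-up entries following the *.gaiamobile.org
// naming pattern the bug discusses).
const installedApps = {
  "app://email.gaiamobile.org/manifest.webapp": {
    origin: "app://email.gaiamobile.org",
    appStatus: "certified",
    sideloaded: false,
  },
  "app://demo.gaiamobile.org/manifest.webapp": {
    origin: "app://demo.gaiamobile.org",
    appStatus: "privileged",
    sideloaded: true, // pushed through devtools, so replacing it is allowed
  },
};

// Comment 6's rule: the host must be gaiamobile.org or a subdomain of it.
// A suffix check on the parsed host (not a substring search over the whole
// origin string) keeps "app://gaiamobile.org.example" from matching.
function isGaiaOrigin(origin) {
  const host = hostOf(origin);
  return host !== null &&
    (host === "gaiamobile.org" || host.endsWith(".gaiamobile.org"));
}

// Comment 7's rule needs the installed app (if any) that already owns the origin.
function findOriginConflict(registry, origin) {
  const key = originKey(origin);
  if (key === null) return null;
  for (const [manifestURL, app] of Object.entries(registry)) {
    if (originKey(app.origin) === key) return { manifestURL, app };
  }
  return null;
}

// Decide whether an install/sideload of `origin` may proceed.
// `blockGaiaOrigins` toggles comment 6's rule; the sideloaded-only
// replacement rule from comment 7 always applies. Returns { allowed, reason }.
function checkInstall(registry, origin, { blockGaiaOrigins = true } = {}) {
  if (originKey(origin) === null) {
    return { allowed: false, reason: "origin is not a parsable URL origin" };
  }
  if (blockGaiaOrigins && isGaiaOrigin(origin)) {
    return { allowed: false, reason: "*.gaiamobile.org origins are reserved" };
  }
  const conflict = findOriginConflict(registry, origin);
  if (conflict === null) {
    return { allowed: true, reason: "no installed app uses this origin" };
  }
  if (!conflict.app.sideloaded) {
    return {
      allowed: false,
      reason: `origin belongs to installed ${conflict.app.appStatus} app ` +
              `${conflict.manifestURL}, which was not sideloaded`,
    };
  }
  return { allowed: true, reason: `replaces sideloaded app ${conflict.manifestURL}` };
}

// Stand-alone demo: the description's scenario (a new app reusing the email
// origin) is refused under either rule; an unrelated origin is accepted.
for (const origin of ["app://email.gaiamobile.org", "app://EMAIL.gaiamobile.org",
                      "app://demo.gaiamobile.org", "https://example.com"]) {
  console.log(origin, checkInstall(installedApps, origin));
  console.log(origin, checkInstall(installedApps, origin, { blockGaiaOrigins: false }));
}
```

With `blockGaiaOrigins` on, even the sideloaded demo app can no longer be re-pushed, which is the trade-off between Fabrice's blanket origin block and the sideloaded-flag approach that the thread settles on; note also that the origin check has to be applied on every install path, since comment 8 points out that guarding only the devtools actors leaves other routes unchecked.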
Updated•9 years ago
Group: core-security → dom-core-security
Updated•8 years ago
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX
Updated•7 years ago
Product: Core → Core Graveyard
Updated•4 years ago
Group: dom-core-security