Closed
Bug 763052
Opened 12 years ago
Closed 12 years ago
Add logic to detect new sensitive permissions for re-review
Categories
(Marketplace Graveyard :: Reviewer Tools, defect, P4)
Tracking
(Not tracked)
RESOLVED
INVALID
People
(Reporter: robhudson, Unassigned)
References
Details
Detect new sensitive permissions and place in re-review queue.
Comment 2•12 years ago
|
||
Is this bug still valid? Only packaged apps will have sensitive permissions (right?) and each version will be reviewed anyway rather than being selectively flagged in the re-review queue.
(please reopen if this isn't the case)
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → INVALID
Comment 3•12 years ago
|
||
What happens if a hosted (manifest) app starts asking for new permissions?
Comment 4•12 years ago
|
||
(In reply to Chris Van Wiemeersch [:cvan] from comment #3)
> What happens if a hosted (manifest) app starts asking for new permissions?
from what I understand hosted apps can't get sensitive permissions:
https://wiki.mozilla.org/Apps/Security#Open_Web_Apps_Security_and_Privacy_Model
(disclaimer: I only skim-read that page :) )
Comment 5•12 years ago
|
||
(In reply to Andrew Williamson [:eviljeff] from comment #4)
> (In reply to Chris Van Wiemeersch [:cvan] from comment #3)
> > What happens if a hosted (manifest) app starts asking for new permissions?
>
> from what I understand hosted apps can't get sensitive permissions:
> https://wiki.mozilla.org/Apps/
> Security#Open_Web_Apps_Security_and_Privacy_Model
> (disclaimer: I only skim-read that page :) )
Yeah I understand they don't receive sensitive permissions but it's unclear to me what happens if an app requests them. I assume we fail silently? I don't know?
Comment 6•12 years ago
|
||
(In reply to Chris Van Wiemeersch [:cvan] from comment #5)
> (In reply to Andrew Williamson [:eviljeff] from comment #4)
> > (In reply to Chris Van Wiemeersch [:cvan] from comment #3)
> > > What happens if a hosted (manifest) app starts asking for new permissions?
> >
> > from what I understand hosted apps can't get sensitive permissions:
> > https://wiki.mozilla.org/Apps/
> > Security#Open_Web_Apps_Security_and_Privacy_Model
> > (disclaimer: I only skim-read that page :) )
>
> Yeah I understand they don't receive sensitive permissions but it's unclear
> to me what happens if an app requests them. I assume we fail silently? I
> don't know?
I'd expect it to be ignored, yeah.
You need to log in
before you can comment on or make changes to this bug.
Description
•