Closed
Bug 764204
Opened 13 years ago
Closed 12 years ago
Need to extend nsIPrincipal to recognize apps
Categories
(Core :: General, defect)
Core
General
Tracking
()
RESOLVED
DUPLICATE
of bug 758258
blocking-basecamp | + |
People
(Reporter: ladamski, Assigned: mounir)
References
Details
We need to be able to differentiate privileged application assets from non-application assets that may be hosted on the same domain, or (in the future) different apps coming from the same origin.
Reporter | ||
Updated•13 years ago
|
Updated•13 years ago
|
Summary: Need to extend NSIPrincipal to recognize apps → Need to extend nsIPrincipal to recognize apps
Assignee | ||
Updated•13 years ago
|
Product: Boot2Gecko → Core
QA Contact: general → general
Updated•13 years ago
|
blocking-basecamp: --- → ?
Assignee | ||
Comment 2•13 years ago
|
||
What is that bug for? Is it to make sure applications have different privileges/data/whatever or do we want to use that to differenciate trusted, certified and untrusted apps?
We already have plans for the former but AFAIK, there are no plans for the later and we might need to define something.
Comment 3•13 years ago
|
||
(In reply to Mounir Lamouri (:mounir) from comment #2)
> What is that bug for? Is it to make sure applications have different
> privileges/data/whatever or do we want to use that to differenciate trusted,
> certified and untrusted apps?
I was interpreting it as being for the former.
Assignee | ||
Comment 4•13 years ago
|
||
In that case, I believe this can be marked as a duplicate of bug 758258. However, we probably want to define how we would differentiate untrusted/trusted/certified apps because with jar identifiers, we will have no way to get that information.
Comment 5•13 years ago
|
||
Lucas, should we change this bug?
Reporter | ||
Comment 6•13 years ago
|
||
I think we need to be able to do both, but it depends on how we implement privileges. The camera privilege means something very different for an untrusted vs trusted vs certified app. If we simply say an app has "camera" privilege then we can't determine the correct experience at runtime. We may also apply other things based upon app type like a specific CSP policy. Maybe the best solution would be to keep a reference to the app manifest. Is that stored in memory after load?
Comment 7•13 years ago
|
||
My thought on privileges/permissions is that permissions for the various flavors of apps gets set when the manifest gets installed and parsed (nsIPermissionManager is getting a "SetDefaultPermissions" that takes the app type along with the list of permissions and origin/whatever is used to indicate an app). After that I don't believe that the permission manager needs to know what type of app it is. So bug 758258 may be sufficient for the permissions.
Reporter | ||
Updated•12 years ago
|
Assignee | ||
Comment 8•12 years ago
|
||
For the moment, the plan is to use bug 758258 to do this. Marking as DUPLICATE. Will re-open if the plan changes.
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → DUPLICATE
Updated•12 years ago
|
blocking-basecamp: ? → +
You need to log in
before you can comment on or make changes to this bug.
Description
•