Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
WebAPI Security Discussion: Power Management
12 views
Skip to first unread message
Lucas Adamski
May 1, 2012, 10:08:31 PM5/1/12
to dev-w...@lists.mozilla.org, dev-w...@lists.mozilla.org, dev-se...@lists.mozilla.org, dev-b2g
*Please reply-to dev-w...@lists.mozilla.org
*
Name of API: Power Management APIs
Reference: https://wiki.mozilla.org/WebAPI/PowerManagementAPI
Brief purpose of API: Allow apps to turn off or restart device and catch on-wake events
General Use Cases: None
Inherent threats: Denial of serviceto device (including telephone), annoyance
Threat severity: Moderate
== Regular web content (unauthenticated) ==
Use cases for unauthenticated code:None
Authorization model for normal content:
Authorization model for installed content:
Potential mitigations:
== Trusted (authenticated by publisher) ==
Use cases for authenticated code: None
Potential mitigations:
== Certified (vouched for by trusted 3rd party) ==
Use cases for certified code: Replacement Power Management App
Authorization model: Implicit
Potential mitigations:
*
Name of API: Power Management APIs
Reference: https://wiki.mozilla.org/WebAPI/PowerManagementAPI
Brief purpose of API: Allow apps to turn off or restart device and catch on-wake events
General Use Cases: None
Inherent threats: Denial of serviceto device (including telephone), annoyance
Threat severity: Moderate
== Regular web content (unauthenticated) ==
Use cases for unauthenticated code:None
Authorization model for normal content:
Authorization model for installed content:
Potential mitigations:
== Trusted (authenticated by publisher) ==
Use cases for authenticated code: None
Potential mitigations:
== Certified (vouched for by trusted 3rd party) ==
Use cases for certified code: Replacement Power Management App
Authorization model: Implicit
Potential mitigations:
pther...@mozilla.com
May 31, 2012, 6:48:12 AM5/31/12
to mozilla.d...@googlegroups.com, dev-w...@lists.mozilla.org
Final call for comment/changes to the permissions model for this API. Please provide comment by COB Friday June 1.
pther...@mozilla.com
May 31, 2012, 6:48:12 AM5/31/12
to mozilla-d...@lists.mozilla.org, dev-w...@lists.mozilla.org
Final call for comment/changes to the permissions model for this API. Please provide comment by COB Friday June 1.
On Wednesday, 2 May 2012 12:08:31 UTC+10, Lucas Adamski wrote:
On Wednesday, 2 May 2012 12:08:31 UTC+10, Lucas Adamski wrote:
0 new messages