- From: Marcos Caceres <marcosscaceres@gmail.com>
- Date: Mon, 11 Feb 2013 21:45:32 +0000
- To: public-sysapps@w3.org
The spec says: > > All the alarms that have been added can be automatically restored after rebooting the system. User storage and management of the alarms is not really covered by the specification. It also has privacy and security implications (e.g., As a user: what happens to my alarms when I clear my browsing history? How can I view the alarms? What happens to the data associated with the alarms - how is everything stored and can people view it?). More below… Spec says: > > 4.2 Interface AlarmManager > > > > The AlarmManager interface exposes methods to get, set or remove alarms. Alarms are application specific, so there is no way to see the alarms scheduled by other applications nor to modify them. I'm wondering if this can be tied more closely to either the security document being prepared by this group or to HTML5's security policies for scripts? Sorry, I don't have any recommended wording for this right now. Also, I think you mean that *scripts* can't "see the alarms scheduled by other applications nor to modify them". The end-user needs to be able to see alarms set by applications and remove them (e.g., if a buggy app goes rogue and sets 100,000 alarms, potentially rendering the user's device useless) - I guess this is a question, more than a comment about how to deal with that? I feel the user needs some way to kill alarms for a particular app and view what other alarms have been set by apps. -- Marcos Caceres http://datadriven.com.au
Received on Monday, 11 February 2013 21:46:02 UTC