Re: [Execution and Security Model] Proposal from Samsung Electronics

On 2013-02-27 01:36, Jonas Sicking wrote:
> On Tue, Feb 26, 2013 at 2:02 AM, Janusz Majnert <j.majnert@samsung.com> wrote:
>>>> Wouldn't it be better to separate this level into two and allow
>>>> implementations to configure how the APIs are distributed among them?
>>>
>>>
>>> I think that would be worse than an "all or nothing" situation because
>>> some runtimes will allow Foo API to be used by any installed application
>>> and some runtimes will not, and in the end APP A, which uses Foo API, will
>>> only be usable on the runtimes allowing it to run without being
>>> privileged.
>>
>> My point exactly. Having the implementations or operators customise which
>> APIs are available to which apps could minimise legal and cultural issues we
>> get if we impose a single model ourselves.
>
> We absolutely must avoid the trap that the DAP fell into and which
> ultimately caused a lot of the work that happened there to fail. I.e.
> we must not defer to vague concepts of "security policies" which are
> defined by some ominous 3rd party which defines what security policy a
> particular user uses.
>
> That said, I still agree with what you are saying, we just have to be
> very explicit about who makes which decisions. In Firefox OS the
> runtime trusts a set of stores, and those stores decide which
> applications should get access to which privileged APIs. Likely we'll
> expand this so that Firefox OS trusts certain stores to only hand
> out certain privileges.

Could you please elaborate on this? On the one hand you're saying that we 
should avoid defining security policies, but then you say that Firefox 
OS will define rules for which store can hand out which privileges - 
that sounds like security policies to me :-)

Also, I'm far from defining the actual policies - these should be left 
to the operators/vendors. I would like the SysApps runtimes to have a 
mechanism for defining policies and for communicating them to the app store.

/Janusz

Received on Wednesday, 27 February 2013 07:37:07 UTC