- From: Luiz Augusto von Dentz via GitHub <sysbot+gh@w3.org>
- Date: Wed, 03 Aug 2016 11:03:52 +0000
- To: public-web-bluetooth-log@w3.org
> Is the security issue just that processes that can intercept IPC messages will find out the advertisements? No, I meant that the browser itself is not a privileged application which shouldn't be given direct access for things that have shared control such as scanning. This is actually acknowledge in the Android API: https://developer.android.com/reference/android/bluetooth/le/BluetoothLeScanner.html - Note: Most of the scan methods here require BLUETOOTH_ADMIN permission. (Btw, I wouldn't be surprised if this gets bumped to BLUETOOTH_PRIVILEGED if used with SCAN_MODE_LOW_LATENCY) In Linux this would translate to have CAP_NET_ADMIN a.k.a root and then using the kernel Bluetooth Management socket to control the scanning parameters and results. -- GitHub Notification of comment by Vudentz Please view or discuss this issue at https://github.com/WebBluetoothCG/web-bluetooth/pull/239#issuecomment-237207639 using your GitHub account
Received on Wednesday, 3 August 2016 11:05:55 UTC