Antonio, I was surprised to see that too - my guess is that it was a guess from long ago before push API was defined. On monday I created a version 1.0 of the matrix with many updates and corrections (including this) and sent it to the b2g list. Below are links to the new matrix, and the change log/question list:
Permissions Matrix 1.0: https://docs.google.com/spreadsheet/ccc?key=0Akyz_Bqjgf5pdHNlbDBDUGMzUzJSdFYyNEZjcngtUWc 1.0 version changes: https://etherpad.mozilla.org/permissionmatrixupdates (for reference, the change I made was to update permissions to match the wiki. Also I wasnt sure if there is a Mgmt API which allows the system to know what push notifications are registered?) Now to your concern about apps launching - is your fear that apps can keep themselves running by sending push notifications? My understanding of the way Push Notifications were handled was that there was user interaction in the process - i.e. they show up in the notifications tray, and then, only after the user has tapped on the notification the app is relaunched. Regards, Paul On Sep 26, 2012, at 8:34 PM, Antonio Manuel Amaya Calvo wrote: > Hey Paul. > > I've seen that on the permission matrix at > https://docs.google.com/spreadsheet/ccc?key=0Akyz_Bqjgf5pdENVekxYRjBTX0dCXzItMnRyUU1RQ0E&pli=1#gid=0 > the PushAPI is reserved to certified apps only, when it used to be a > Public API (according to > https://wiki.mozilla.org/WebAPI/Security/pushNotificationsAPI at least). > > Do you know why and when was that changed? > > I was in fact going to suggest either changing the way the system treats > notification currently (from what I've been told, the system *launches* > the app if it isn't running, which isn't good) or at least making it an > explicit permission for anything less than privileged, but just removing > the permission completely for anything less than certified seems a > little bit extreme. > > Best regards, > > Antonio > > > -- > Antonio Manuel Amaya Calvo_/ / _ /Security&Trust on N&S > email: [email protected] / _ _/ ( / Telefonica I+D > Tlf.: +34-91.312.98.95 _/ _/ \__/ D. Ramón de la Cruz 82 > Fax : 28006 Madrid, SPAIN > > ________________________________ > > Este mensaje se dirige exclusivamente a su destinatario. Puede consultar > nuestra política de envío y recepción de correo electrónico en el enlace > situado más abajo. > This message is intended exclusively for its addressee. We only send and > receive email on the basis of the terms set out at: > http://www.tid.es/ES/PAGINAS/disclaimer.aspx testResults['bluetooth'] _______________________________________________ dev-b2g mailing list [email protected] https://lists.mozilla.org/listinfo/dev-b2g
