Marionette isn't provided on production builds (unless that is what you are proposing). Developer builds have root access enabled so not an issue I think.
Marionette is actually equivalent to root, not just similar to root (since it can execute chrome code, not just code in the system app). So I don't think we would ship marionette on any phone that we prevent root access on. On Sep 10, 2013, at 8:38 PM, David Burns wrote: > How would this security model work with Marionette since Marionette needs to > access different apps according to what the user wants to do. > > We go in through a similar route to the remote debugger into the device(we > are just a different actor) > > David > > On 10/09/2013 16:29, Paul Theriault wrote: >> (bcc dev-gaia) >> >> I have been discussing the security implications of remote debugging with a >> number of people and I wanted to through the question out to a wider >> audience. Remote debugging allows access to read any data in app and as such >> has implications for the scenario of when a user loses their phone. >> >> Do we want to allow the remote debugger to connect to any app? >> >> My proposal is that, for production devices, you should only be allowed to >> debug the apps you are developing. That is, the remote debugger will only >> connect to web apps and privileged apps pushed to the device via the >> simulator. It will _not_ connect to certified apps, or signed privileged >> apps installed from the store. The only exception to this i can think of is >> we probably support remote debugging of tabs within the browser app (and >> possibly bookmarked web pages opened by the system app). >> >> For developer builds, the remote debugger would connect to any app. >> >> Thoughts on this proposal? >> >> - Paul >> >> >> >> >> _______________________________________________ >> dev-b2g mailing list >> [email protected] >> https://lists.mozilla.org/listinfo/dev-b2g > _______________________________________________ dev-b2g mailing list [email protected] https://lists.mozilla.org/listinfo/dev-b2g
