Bug #3822

Restrict app permissions even more

Added by Anonymous over 3 years ago. Updated over 2 years ago.

Status:ClosedStart date:09/28/2014
Priority:HighDue date:06/15/2015
Assignee:-% Done:

0%

Category:-
Target version:Orfox Beta 1
Component:

Description

OrFox, as a privacy and security oriented browser, doesn't need any permissions except network access, permissions including "run a startup, sync, control vibration, modify system settings, NFC access, access profiles" are unnecessary and might pose a security and privacy risk for this kind of software.
Similar to OrWeb, OrFox should only have bare minimum required to function properly. (Please see screenshots attached)

OrFox permissions 1of2.png (181 KB) Anonymous, 09/28/2014 01:39 pm

OrFox permissions 2of2.png (159 KB) Anonymous, 09/28/2014 01:40 pm

OrWeb permissions.png (128 KB) Anonymous, 09/28/2014 01:40 pm


Related issues

Copied to Orfox Private Browser - Bug #6414: Restrict app permissions even more Closed 09/28/2014 06/15/2015
Copied to Orfox Private Browser - Bug #8065: Restrict app permissions even more Closed 09/28/2014 06/15/2015

History

#1 Updated by n8fr8 about 3 years ago

  • Target version set to Orfox Alpha

#2 Updated by n8fr8 over 2 years ago

  • Due date set to 06/15/2015

#3 Updated by n8fr8 over 2 years ago

Perms to try and remove:

  1. take pictures and video
  2. precise location (or any location)
  3. add or remove accounts, create accounts, find accounts
  4. NFC
  5. read sync settings, any seync settings
  6. modify system settings

#4 Updated by amoghbl1 over 2 years ago

  • Status changed from New to In Progress

Removing permissions might be a little harder than I expected, looking at this currently though.

#5 Updated by amoghbl1 over 2 years ago

  • Status changed from In Progress to Resolved

#6 Updated by amoghbl1 over 2 years ago

Current list of perms required:
  1. Read your web bookmarks and history
  2. Modify or delete the contents of your USB storage, read the contents of your USB storage
  3. *** Find Accounts on the device
  4. connect and disconnect from WiFi
  5. download files without notification
  6. view network connections
  7. view wifi connections
  8. run at startup
  9. control vibrations
  10. prevent phone from sleeping
  11. install shortcuts
  12. uninstall shortcuts
  • follow up bug in place for this at #5395

#7 Updated by n8fr8 over 2 years ago

  • Status changed from Resolved to Feedback

#8 Updated by n8fr8 over 2 years ago

  • Target version changed from Orfox Alpha to Orfox Alpha 2

Moving this to beta b/c I think we need additional review of permissions to ensure we lock it down as much as possible

#9 Updated by n8fr8 over 2 years ago

  • Target version changed from Orfox Alpha 2 to Orfox Beta 1

#10 Updated by n8fr8 over 2 years ago

  • Status changed from Feedback to Resolved

We've removed the most objectionable permissions, specifically the "accounts": https://dev.guardianproject.info/issues/5395

We'll resolve this for now, and review the work. Then we can open new specific tickets in the future for any objectionable perms.

#11 Updated by n8fr8 over 2 years ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF