Secure Coding mailing list archives

Re: Microsoft SDL report card

From: Gunnar Peterson <gunnar () arctecgroup net>
Date: Tue, 3 May 2011 10:24:19 -0500

but actually we should be making decisions at higher
levels where the permission correspond to things the user understands
(e.g. "my account at Google" or "my Flickr photos" or "this album in
Picasa").


Salesforce.com oauth client for Android is a good example of this

http://wiki.developerforce.com/index.php/Building_Android_Applications_with_the_Force.com_REST_API

Its a gap in all Mobile OS as far as I can tell, which makes it doubly nice that Salesforce open sourced their work

-gunnar
_______________________________________________
Secure Coding mailing list (SC-L) SC-L () securecoding org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
_______________________________________________

Current thread:

Re: Microsoft SDL report card Steven M. Christey (Apr 01)
- <Possible follow-ups>
- Re: Microsoft SDL report card Gary McGraw (Apr 04)
  - Re: Microsoft SDL report card Ben Laurie (Apr 05)
    - Re: Microsoft SDL report card Gary McGraw (Apr 05)
    - Re: Microsoft SDL report card Kevin W. Wall (Apr 05)
    - Re: Microsoft SDL report card Ben Laurie (Apr 17)
    - Re: Microsoft SDL report card Andy Steingruebl (Apr 18)
    - Re: Microsoft SDL report card Ben Laurie (May 03)
    - Re: Microsoft SDL report card Gunnar Peterson (May 03)
    - Re: Microsoft SDL report card iarce (May 05)
    - Re: Microsoft SDL report card Steven M. Christey (May 06)