(see here for more info on what i mean with API)
apps should be able to call API, but there should be some kind of simple, non-limiting and easy way to secure these API's
- first, i was thinking that a general access listing could be provided by Jolla, since all apps and OS have these API's, the Jolla people can decide on a sane default access for each API, (eg: no mail/sms/social_media/etc... )
- secondly, these should be editable on each device seperately
- app installs or updates should extend this list (with the default access level (none, ask, certain apps, all)
- if an app starts for the first time (or update, or an API has become installed), (if the level is ask) the system should notify the user that this app, he's running for the first time, is requesting this or that API from other apps or system that if they want to or not. at this point, the user can select ask later, or allow (for now) or whatever action for each API independantly
- Since users can modify default, they could for example select that facebook API's (all, or selection) are always denied
- the good point now, is that APP that want this kind of API, should still run.
- This allows for instance to run games and not want these games to post scores on facebook
- This also allows for apps to send emails or sms automatically, without confirmation, because the users would have validated this, or have access to contacts or whatever...
The sky is the limit here as well...