Review security permissions
When you start an application in the OpenFin environment, you might see a dialog box for Review Security Permissions. This happens because the application wants to perform one or more actions that potentially could harm the security of your computer if misused. This dialog box appears only if no policy has been set by your organization or by OpenFin about whether this application should be allowed to perform the specified actions.
If you choose Don't Allow, the application might lack some of the functionality you expect.
Caution
Allow permissions only for applications that you trust and that you obtained from a reliable source.
Here is a list of possible features that an application might ask for permission for, reasons that it might ask for them, and reasons for being cautious about granting permissions.
| Application action | Typical uses | Potential security risk |
|---|---|---|
| Access system audio | Play audio files you choose, or enable use of your microphone for voice input. | The application could capture sounds from your computer's microphone without your consent. |
| Access location data | Provide information that is relevant based on your location. | The application could learn about and use your location in ways that violate your privacy or your organization's policies. |
| Download remote files | Download files that you choose or approve. | The application could download files that contain malicious programs without your consent. |
| End external processes | End programs that were started from this one. | The application could end programs that you or your organization needs to keep running. |
| Get information about another app's window | Be able to share screen space optimally with another program's windows. | The application could learn information it should not know about other applications running on your computer. |
| Get information about other apps' windows | Be able to share screen space optimally with other programs' windows. | The application could learn information it should not know about other applications running on your computer. |
| Get information about the OS and the currently logged in user | Customize application behavior based on the operating system and user. | The application could learn sensitive information about the current user's environment, the host system, and its network interfaces. |
| Launch external processes | Start programs, outside of the OpenFin environment, that have complementary features to this one. | The application could start running malicious programs, without your consent. |
| Modify how the mouse works | Enable manipulating 3-D objects, maps, and other large images. | The application could make the mouse work in unexpected ways, such that it is unusable for normal work. |
| Open links in external applications | Open email links in your email program. | The application could use an unusual type of hyperlink to download malicious programs. |
| Play videos | Play videos that you choose or approve. | The application could play unwanted videos. |
| Read from the registry | Read information that is available only in the registry. | The application could learn sensitive information about your computer. |
| Read the clipboard | Enable a paste function. | The application could access sensitive information that you have copied in a different program. |
| Run in full screen mode | Enable the program to take up an entire physical screen. | The application could trick you into revealing sensitive information by simulating the browser or desktop while running in full-screen mode. |
| Save and restore external application windows | Save and restore an arrangement of related program windows, including ones that don't run in the OpenFin environment. | The application could start running malicious programs, not saved by you. |
| Send system notifications | Send notifications through the operating system's notification center. | The notifications could mislead or annoy you. |
| Set file location for auto-download | Set a location for downloading files that is different from the system default location. | The application could download files into locations and with names that are misleading. |
| Use hardware-specific audio functions | Access hardware-specific features of a MIDI device. | The application could profile you based on your computer's unique MIDI hardware; or it could record and transmit short snippets (but not streams) from your MIDI-enabled microphone. |
| Write to the clipboard | Enable a copy function. | The application could put information on the clipboard that is not what you intended. |
Related topics
- API security for developers