Malicious applications


#1

Problem: a malicious app could ask for the main MAID, and if the user stores all his information under that ID, the app could start reading all this data?

It is unclear to me: the single MaidSafe Anonymous ID (MAID) is the single point of entry onto the network, right? This user can then have many Proxy MaidSafe IDs (PMID). A single application would only control access to a particular PMID, but not the other PMIDs a user has? How does the user authenticate this PMID in an app, with an app-specific password?


Malicious Use of User Credentials
#2

Possible threat mitigation: a rating/reporting system for applications, inherent in the network.


#3

At the moment (and not to say forever) the Maid keys get all your keys for all MPIDs (sorry, I keep confusing PMID (vault) and MPID (public names)). These MPIDs are all just key pairs at the moment. So any app would currently have access to all these IDs.

It would be possible to create MPID passwords etc., I imagine. This would maybe be as easy as encrypting the keypair held for that MPID (in the keys directory). Presumably each app could add this extra access layer pretty easily. It would mean logging in with Maid credentials, which will retrieve all keypairs, then another password for the particular MPID. I see passwords internal to the network being used like this in any case for things like wallet transactions. So it may not be too much of an issue.

I think there is scope for granularity here as we move on.
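An added sketch of the per-MPID password layer suggested in post #3 (not part of the original posts and not MaidSafe code): each MPID secret key is stored encrypted under its own password, so an app that has the unlocked keyring can only use the MPIDs whose passwords it was given. The function names, record layout and scrypt parameters are assumptions, and the scrypt-derived mask plus HMAC-SHA256 tag is a standard-library stand-in for a vetted AEAD cipher.

```python
import hashlib
import hmac
import os

# Assumed scrypt cost parameters; tune for the target hardware.
SCRYPT = dict(n=2**14, r=8, p=1, maxmem=64 * 1024 * 1024)

def _derive(password: str, salt: bytes, length: int):
    """Derive a one-time mask (length bytes) and a 32-byte MAC key."""
    okm = hashlib.scrypt(password.encode(), salt=salt, dklen=length + 32, **SCRYPT)
    return okm[:length], okm[length:]

def _tag(mac_key: bytes, mpid: str, salt: bytes, ct: bytes) -> bytes:
    # Bind the ciphertext to its MPID name so records cannot be swapped.
    name = mpid.encode()
    msg = len(name).to_bytes(2, "big") + name + salt + ct
    return hmac.new(mac_key, msg, hashlib.sha256).digest()

def wrap_key(mpid: str, secret_key: bytes, password: str) -> dict:
    """Encrypt one MPID secret key under that MPID's own password."""
    salt = os.urandom(16)  # fresh salt per wrap, so the mask is never reused
    mask, mac_key = _derive(password, salt, len(secret_key))
    ct = bytes(a ^ b for a, b in zip(secret_key, mask))
    return {"mpid": mpid, "salt": salt, "ct": ct, "tag": _tag(mac_key, mpid, salt, ct)}

def unwrap_key(record: dict, password: str) -> bytes:
    """Return the secret key; raise ValueError on wrong password or tampering."""
    mask, mac_key = _derive(password, record["salt"], len(record["ct"]))
    expected = _tag(mac_key, record["mpid"], record["salt"], record["ct"])
    if not hmac.compare_digest(expected, record["tag"]):
        raise ValueError("wrong password or modified record")
    return bytes(a ^ b for a, b in zip(record["ct"], mask))

def keys_visible_to_app(keyring: list, passwords: dict) -> dict:
    """Keys an app can use after MAID login, given the MPID passwords it holds."""
    usable = {}
    for record in keyring:
        password = passwords.get(record["mpid"])
        if password is None:
            continue  # no password supplied: record stays opaque to this app
        try:
            usable[record["mpid"]] = unwrap_key(record, password)
        except ValueError:
            pass  # wrong password: record stays opaque to this app
    return usable

if __name__ == "__main__":
    # Constructed sample: random bytes stand in for two MPID secret keys.
    keyring = [wrap_key("public-name-a", os.urandom(32), "pw-a"),
               wrap_key("public-name-b", os.urandom(32), "pw-b")]
    print(sorted(keys_visible_to_app(keyring, {"public-name-a": "pw-a"})))
```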


#4

I have been thinking about measures to make it hard for an attacker who gains access to a user’s credentials to steal their data, and these would help in this case too. I shall post about this at some point, but if I don’t please remind me!

UPDATE: Done! See Malicious Use of User Credentials


#5

If this can be controlled at a higher level (like you suggested, encrypting the key pair) then that is a huge plus! Because it will also horribly burden usage if every key has a separate password once again.

Immutable apps on the SAFE network, together with app-controlled additional locking of sensitive data, would strike a nice balance:

  • controlling your data outside of all apps (on SAFE)
  • single MAID login to your full system
  • granularity to shield sensitive data from other apps