RuntimeInstaller interface needs to be marked as privileged API

[marcoscaceres]

RuntimeInstaller interface is a privileged API and should not be accessed by untrusted application. We should prohibit untrusted application to install other applications. I found no such information is highlighted in the spec.

[mounirlamouri]

What is RuntimeInstaller? Isn't that from the Samsung spec?
Our model is to allow any web page to install an application (we use a doorhanger as a confirmation in Firefox). The spec says that the installation should happen if the UA "allows" the installation [1] which is a bit vague. Maybe it should be clearer? If that is the case, please open another issue.

[1] http://runtime.sysapps.org/#widl-ApplicationRegistry-install-DOMRequest-DOMString-manifestUrl-Object-parameters