Re: Disallow plug-ins in text/html-sandboxed? (was: Re: text/sandboxed-html)

From: Maciej Stachowiak <mjs@apple.com>
Date: Sun, 24 Jan 2010 08:55:36 -0800
Cc: Adam Barth <w3c@adambarth.com>, Ian Hickson <ian@hixie.ch>, "public-html@w3.org" <public-html@w3.org>
Message-id: <70F1E247-0689-476B-82F3-E84969D8F5F9@apple.com>
To: Leonard Rosenthol <lrosenth@adobe.com>

On Jan 24, 2010, at 5:37 AM, Leonard Rosenthol wrote:

> The problem here is that unlike the other method (@sandbox), where the page author has control over what things are sandboxed and what are not - there is no such control when using a mimetype :(. That means that a renegade server (or proxy or ...) could simply swap out mimetypes and block a user's access to required content (exposed via plugins).
> 
> I don't consider that acceptable and would prefer to see it remain as it does, that plugins can also run in this mode _OR_ that all "sandboxable content" (scripts, etc.) also get turned off.  Be consistent.

It sounds like you are talking about a security risk, but I'm not sure what exactly you have in mind. Can you explain the threat model you are concerned about?

 - Maciej

> 
> Leonard
> 
> -----Original Message-----
> From: public-html-request@w3.org [mailto:public-html-request@w3.org] On Behalf Of Maciej Stachowiak
> Sent: Wednesday, January 20, 2010 3:15 AM
> To: Adam Barth
> Cc: Ian Hickson; public-html@w3.org
> Subject: Re: Disallow plug-ins in text/html-sandboxed? (was: Re: text/sandboxed-html)
> 
> 
> On Jan 19, 2010, at 5:52 PM, Adam Barth wrote:
> 
>> 
>> Consider the case of Google Gears.  Gears provides access to databases
>> based on the origin of the embedding page.  Unfortunately, Gears
>> doesn't understand text/html-sandboxed and so would grant the
>> sandboxed content access to the origin's databases.
> 
> It seems like, in this case, if plugins are blocked, then you can't use a redirect to circumvent the protection. Likewise if Flash has similar vulnerabilities (I suspect it does).
> 
> Regards,
> Maciej
> 
> 
> 
Received on Sunday, 24 January 2010 16:56:11 GMT