W3C home > Mailing lists > Public > public-html@w3.org > January 2010

Re: What defines a "plugin"? WRT sandboxing?

From: Tab Atkins Jr. <jackalmage@gmail.com>
Date: Sun, 24 Jan 2010 11:18:03 -0600
Message-ID: <dd0fbad1001240918v72d99c13o656ba2c471d9dc4d@mail.gmail.com>
To: Maciej Stachowiak <mjs@apple.com>
Cc: Leonard Rosenthol <lrosenth@adobe.com>, "public-html@w3.org" <public-html@w3.org>
On Sun, Jan 24, 2010 at 11:02 AM, Maciej Stachowiak <mjs@apple.com> wrote:
> I think the bottom line is for any given piece of code, can you verify that
> it enforces the sandbox constraints?

It's possible that different UAs have different verification
abilities.  Would this cause any problems?  The definition of "plugin"
you've stated for this purpose should suffice to prevent security
issues even if different UAs react to various plugins differently, but
there's still the matter of author expectations.

~TJ
Received on Sunday, 24 January 2010 17:18:50 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 9 May 2012 00:17:00 GMT