Re: What defines a "plugin"? WRT sandboxing?

Adam Barth wrote:
> On Tue, Jan 26, 2010 at 8:53 PM, Leonard Rosenthol <lrosenth@adobe.com> wrote:
>> Then you need to block the GEARS plugin.  I have no problem with that.
> 
> I don't think we want to play whack-a-mole with the long tail of
> browser plugins.
> 
>> But that code also blocks any number of perfectly valid, and sandbox safe, plugins.
> 
> So?  Many security checks block lots of things that are safe.

And that's why many people hate this approach, as it forces people to 
use workarounds that make things even worse (tunneling everything 
through port 80 and POST comes to mind).

>> It also doesn't address the issue that some non-plugin-based format should be restricted because it could open up XSS (or other) vulns and this solution does NOT solve it.
> 
> If there's some code in the browser that violates the sandbox security
> model, I'll fix it.  The problem is I can't fix the Gears plugin
> because it's in my codebase.
> 
>> Rather than throwing out (segregating? Ostracizing?) an entire class of technology due to a few "bad apples" - why don't we try to solve the actual problem?!?!  (and that's MY point that you clearly don't seem to grok)
> 
> That line of code does solve the actual problem.
> 
> The long term solution is to let plugins participate in the sandbox
> security model and then add an allow-plugins directive that re-enables
> them, which is where this thread started N thousand words ago.

Indeed.

Can we please try to make progress here? I have started a Wiki page at 
<https://wiki.mozilla.org/Plugins:SandboxedPlugins>, and I have also 
pointed out that HTML5 currently doesn't have a solid definition of 
"plugin" (see 
<http://lists.w3.org/Archives/Public/public-html/2010Jan/1275.html>) -- 
should I open a Bugzilla issue for that?

Best regards, Julian

Received on Tuesday, 26 January 2010 21:11:30 UTC