W3C home > Mailing lists > Public > public-webapps@w3.org > July to September 2012

Re: sandbox

From: Adam Barth <w3c@adambarth.com>
Date: Sat, 15 Sep 2012 13:46:04 -0700
Message-ID: <CAJE5ia8hG6PvxwPu7k737touYJ3=Gcazxgq4UrgWm-YH9FCzRA@mail.gmail.com>
To: Angelo Borsotti <angelo.borsotti@gmail.com>
Cc: public-webapps@w3.org
You might be interested in the SysApps working group, which is going
to address these sorts of use cases, including the security issues:

http://www.w3.org/2012/05/sysapps-wg-charter.html

Adam


On Sat, Sep 15, 2012 at 5:01 AM, Angelo Borsotti
<angelo.borsotti@gmail.com> wrote:
> Hello,
>
> restricting the access made by a web app to a sandboxed filesystem is a
> severe restriction.
> I understand that this is done to preserve security, but the result falls
> short of the mark.
> Web apps that cannot access the local filesystem are meant to access mainly
> the data
> that are stored in some computer in the network (albeit they can somehow
> save them in
> some sandboxed storage so as to let the user work offline).
> Now, consider sensitive data, like, e.g. my bank accounts, what shares I
> own, my medical
> data, etc. Storing them in my computer is a lot more secure than storing
> them in some
> other in the network. It has some drawbacks, like, e.g. that I cannot access
> them when
> I am away from home or from my computer, but I could well trade this for
> security.
> I would like to have web apps access them, read and write them, manage them,
> etc.
> Unfortunately, with the current tecnology, and stantards such as the one you
> are developing,
> web apps cannot access them. Of course, I could install and run a web server
> on my
> computer, and have web apps then access my data, but that would effectively
> decrese
> security instead of increase it.
> All we have lived for decades using traditional apps, implemented in C++ and
> Java,
> accessing the local filesystem (and the whole OS). It is time to shift from
> these technologies
> to the new web ones, and implement apps using html and javascript --
> providing that we
> can do the same things at least.
> Security is an issue, but it applies to apps implemented with traditional
> technologies.
> When I download Firefox, or Libreoffice, I trust them not to wipe out my
> filesystem or
> disrupt my OS because I trust the people that implemented them and I trust
> the place from
> which I downloaded them (i.e. that they are not counterfeited and, e.g.,
> contain viruses).
> Once I have installed them I have effectively granted them access to my
> computer.
> This simple scheme could also apply to web apps. Note that downloading a
> (traditional)
> app such as Firefox, installing it and running it is something that is
> nowadays done
> using the web. So, the distinction between apps and web apps tends to be
> confined
> to the technology that is used to implement them. From the users'
> perspective they differ
> mostly in the way they are installed. Why then they should differ in what
> they can do?
>
> So, my proposal is to get rid altogether with the notion of sandboxed
> filesystem, or,
> alternatively, to consider it as a special case of filesystem, and to
> provide access to
> the whole local filesystem.
>
> Thank you
> -Angelo Borsotti
Received on Saturday, 15 September 2012 20:47:05 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:54 GMT