- From: Frederik Braun <fbraun@mozilla.com>
- Date: Thu, 30 Oct 2014 09:46:44 +0100
- CC: "public-webappsec@w3.org" <public-webappsec@w3.org>
On 29.10.2014 18:14, Devdatta Akhawe wrote: >> We're talingk about a two attacks on two applications that need to occur for >> all of this to work. That is, if I just compromise example.com, all I can do >> is modify foo.js, which the integrity check blocks. If I compromise the >> client app (let's call it bar.com) with an XSS, I can inject an >> integrity-less link to foo.js... but that's only concerning if I *also* >> compromised example.com. > > Exactly! Lets first get to a world where you need two attacks, then we > can worry about how to help against the two attacks. Right now, we are > not even sure if something like SRI is practical on the web. > > -dev > OK, you convinced me. And I agree that requiring two attacks where one is a fully compromised CDN is quite a high bar. Just wanted to make sure this is captured, as my least-privilege sense was tingling.
Received on Thursday, 30 October 2014 08:47:17 UTC