- From: Bobby Holley <bobbyholley@gmail.com>
- Date: Mon, 7 Jan 2013 23:17:37 -0800
- To: Ian Hickson <ian@hixie.ch>
- Cc: whatwg <whatwg@lists.whatwg.org>
On Mon, Jan 7, 2013 at 8:05 PM, Ian Hickson <ian@hixie.ch> wrote: > On Mon, 7 Jan 2013, Bobby Holley wrote: > > > > Aside from concerns about stack introspection, the main downside of this > > approach is that it's a blacklist, rather than a whitelist (like our > > other security code), so we'll have to be extra careful when > > implementing anything new on Location. Please keep that in mind when > > updating the spec. ;-) > > Can you elaborate on what is a blacklist? > In the sense that we have to implement it as explicit per-method checks in C++. Our regular security model is an object-capability system enforced with wrappers across scope boundaries (using a whitelist), which, as previously discussed, doesn't jive with the current spec for Location. So if something new is ever added to nsLocation, we're going to need to remember to add a security check. bholley
Received on Tuesday, 8 January 2013 07:18:21 UTC