- From: Maciej Stachowiak <mjs@apple.com>
- Date: Wed, 11 Nov 2009 00:44:12 -0800
- To: Arve Bersvendsen <arveb@opera.com>
- Cc: Robin Berjon <robin@berjon.com>, public-device-apis@w3.org, public-webapps WG <public-webapps@w3.org>
On Nov 11, 2009, at 12:36 AM, Arve Bersvendsen wrote: > On Wed, 11 Nov 2009 02:47:50 +0100, Maciej Stachowiak > <mjs@apple.com> wrote: > >> I think file writing (once the script has securely received a file >> handle) has different security considerations than directory >> manipulation and opening of arbitrary files. File writing should be >> designed with the browser security model in mind, because it's >> something that is reasonable to expose to Web content, given the >> right model for getting a writable handle (private use area or >> explicitly chosen by the user via "Save As" dialog) > > Note that both explicit content and private use areas/sandboxes has > security implications. Of course it does. Any new capability we add to the Web platform has security implications. For these particular features, I would like to see designed such that it is reasonable to expose them to public Web content, without the need for trust decisions by the user or policy choices by an administrator or network operator. I believe that is possible. When it comes to directory manipulation, I am not sure such a design is possible, or at least, I have not heard a good proposal yet. Regards, Maciej
Received on Wednesday, 11 November 2009 08:44:54 UTC