Re: Disallow plug-ins in text/html-sandboxed? (was: Re: text/sandboxed-html)

On Wed, Jan 13, 2010 at 12:33 PM, Leonard Rosenthol <lrosenth@adobe.com> wrote:
>>Of course, once we have an API for plug-ins to understand these
>>security restrictions, we can lift the prohibition in case (2) for
>>plug-ins that understand the security model.
>
> Why only case #2 and not 1 as well?  As long as the plugins are able to declare their ability to participate in a sandboxed environment - why does it matter whether how that is defined?
>
> It seems to me that the model for sandboxing needs to be consistent (in all aspects) regardless of how you specify it...

I actually had a sentence in that email about doing the same thing in
case (1), but I decided it was redundant with the other thread.  We
definitely should make the two cases consistent.

Adam

Received on Wednesday, 13 January 2010 21:40:16 UTC