W3C home > Mailing lists > Public > public-html@w3.org > June 2010

Re: text/sandboxed-html

From: Robert O'Callahan <robert@ocallahan.org>
Date: Thu, 10 Jun 2010 17:24:36 -0400
Message-ID: <AANLkTilptG21Kx3BpvSzi46X6vAR7cq1v9EAfgUF81Gx@mail.gmail.com>
To: Adam Barth <w3c@adambarth.com>
Cc: Artur Adib <arturadib@gmail.com>, Maciej Stachowiak <mjs@apple.com>, public-html@w3.org, Leonard Rosenthol <lrosenth@adobe.com>, Ian Hickson <ian@hixie.ch>
On Thu, Jun 10, 2010 at 5:21 PM, Adam Barth <w3c@adambarth.com> wrote:

> I guess I don't understand the transition plan.  Would we eventually
> remove support for plug-ins that don't understand sandboxing?  If not,
> couldn't an attacker always use XYZ random plug-in to break the
> security properties?

Users that don't have XYZ random plugin installed (i.e. almost all users)
would be protected.

"He was pierced for our transgressions, he was crushed for our iniquities;
the punishment that brought us peace was upon him, and by his wounds we are
healed. We all, like sheep, have gone astray, each of us has turned to his
own way; and the LORD has laid on him the iniquity of us all." [Isaiah
Received on Thursday, 10 June 2010 21:25:05 UTC

This archive was generated by hypermail 2.3.1 : Thursday, 29 October 2015 10:16:03 UTC