Re: Kickoff application manifest work

On Wed, Jun 19, 2013 at 7:39 PM, Charles McCathie Nevile
<> wrote:
> One of the scenarios I have in mind is where a few apps from an origin use
> some common stuff. Which is obviously increasing the attack surface in the
> way that you mention, but if the same people are forced to use different
> origins for stuff that is copy-pasted across then I am not sure we are
> really exposing anything new except a requirement to buy more domains...

Well, sharing data via messages rather than having actual shared data
is a big benefit security-wise. Because the boundary is there by
default, you instead need to think about what to expose to other
applications and what is safe. You'll also scale better as you can
more easily integrate with services running on other systems.


Received on Friday, 21 June 2013 07:15:56 UTC