
Re: [webappsec] ISSUE-53: UISecurity input-protection heuristic for composited rendering

From: Giorgio Maone <g.maone@informaction.com>
Date: Wed, 23 Oct 2013 00:13:09 +0200
Message-ID: <5266F875.2030403@informaction.com>
To: Brad Hill <hillbrad@gmail.com>, David Lin-Shung Huang <linshung.huang@sv.cmu.edu>
CC: "public-webappsec@w3.org" <public-webappsec@w3.org>, robert@ocallahan.org

On 15/10/2013 00:38, Brad Hill wrote:
> So, there is no way to get the final rendering, even for the
> compositor thread managing the outermost document?  :/   You can't
> read the pixels back from the GPU when you know you have a hit to a
> protected region?
>
> Also:  thoughts on whether we should keep the clipping rectangle
> around the hit, or just allow element selectors only?
I think before giving up we should ask some browser folks actually well
versed in their layout/rendering implementations to chime in and tell us
whether what we're trying to accomplish is more or less viable, and/or
if there's a better approach to achieve the same goals.

Also, since the protection is opt-in, *maybe* a trade-off between
rendering performance and security would be acceptable, if properly
documented.

As a start I'm CCing Robert O'Callahan, who IIRC works or used to work
on Mozilla's gfx internals: could you please take a look at

https://dvcs.w3.org/hg/user-interface-safety/raw-file/43644c06b379/user-interface-safety.html#alt_heuristic

? Any comments/suggestions? Many thanks in advance!

Also if you know any other field expert from
Mozilla/Google/Apple/Microsoft who may want to help, please let us know.

Thank you
-- G
Received on Tuesday, 22 October 2013 22:13:33 UTC
