- From: Maciej Stachowiak <mjs@apple.com>
- Date: Thu, 30 Jul 2009 14:04:35 -0700
On Jul 30, 2009, at 10:18 AM, Michael Davidson wrote: > On Tue, Jul 28, 2009 at 10:58 PM, Maciej Stachowiak<mjs at apple.com> > wrote: >> >> Here's some security risks I've thought about, for persistent >> workers and >> persistent background pages: >> >> <great list of risks> > > Thanks for the list, Maciej. However, Firefox extensions today have > all of the same problems. Do you consider the permission UI in Firefox > insufficient? Given Safari's extension model, I'm going to guess the > answer is yes. The fact that FF has extensions, however, at least > shows that one browser vendor believes that sufficient permission UI > exists. I'm not sure if I'd be totally comfortable with putting something as streamlined as the Firefox extensions model. As presented on <http://addons.mozilla.org/ >, it seems fine - the extensions posted there are centrally vetted and reviewed, the user has to take a clear explicit step to start the install, and there is a revocation model. But the fact that third party pages can trigger automated extension install seems problematic. For example, just visiting <http://gears.google.com/download.html > in Firefox, I am immediately faced with an alert dialog where the default button will install native code that runs in my browser. If any page can do that, then browsing with Firefox puts you one "enter" keystroke away from running native code (well, once Firefox restarts, anyway). I'm not really sure why Mozilla thinks that is ok. Regards, Maciej
Received on Thursday, 30 July 2009 14:04:35 UTC