- From: Bjartur Thorlacius <svartman95@gmail.com>
- Date: Sun, 9 Jan 2011 00:13:17 +0000
On 1/8/11, Aryeh Gregor <Simetrical+w3c at gmail.com> wrote: > On Sat, Jan 8, 2011 at 6:50 PM, Bjartur Thorlacius <svartman95 at gmail.com> > wrote: >> The system provides access control. > > I'm not sure what you're saying here. The browser provides access > control for web applications. This is already true in lots of places > -- like geolocation and network access, to name recent ones. Even if > all native applications can access particular hardware as far as the > system is concerned, it certainly doesn't follow that the browser can > expose the same privilege to web applications. > When an user application requests screen access, I don't grant it carte blanche access to a screen of mine. Then I would need a screen per graphical app. Rather, I partition my screen and, given it has the necessary privileges, grant it revocable access to a frame. Then, I revoke the access and free up the frame for another application. Similar with storage space and networking. I don't see any reason for language implementations (such as JavaScript VMs) to reimplement hardware multiplexing and access granting, forcing system administrators (i.e. users) to manage access controls for 'normal' apps on one hand, but grant the JavaScript VM administrative privileges and then configure 'WebApps' seperately. As a side note, I don't remember how the topic morphed into what it's now, you'd think that all of this would be an implementation detail. The JavaScript application could be a well audited and trusted system administration application, for all we know.
Received on Saturday, 8 January 2011 16:13:17 UTC