Actually, I thought the answer was quite reasoned. I probably would have just said "read the archive, or any of the blog posts we've done on sandboxing, or the papers written on the subject." It's not "trust the force," it's "we tried this already and had a ton of problems, here's a sampling, and if you really care you can look around for more information, but in short there's little we can do without support from the plugin vendors." Carlos is the expert on the sandbox, and has tried to sandbox flash in the past (and believe me, he would really love to be able to do so).
Intercepting filesystem access could have stopped this attack, but it also could break flash. Plugins (take Air, for example, which provides filesystem access<http://labs.adobe.com/wiki/index.php/Apollo:Articles:Apollo_Local_File_System>) have expectations, including filesystem access, and when you break those expectations things go south rapidly. If plugins weren't supposed to have any filesystem access, or any access beyond what a renderer has, then sure we could sandbox them and things would be dandy. But it just doesn't work that way, and so we are trying to do what we can, including working with the plugin vendors, to make this happen -- it's just not as simple as you seem to portray it as. 2009/8/6 yoav zilberberg <yoav.zilberb...@gmail.com> > Alex, your reply irritates me so much that i am willing to take my chancesand > if anyone (from @chromium) finds my answer insulting e-mail me and i will > remove myself > forever from your lists, promise! > > what kind of an answer is that ? > do you know how this attack was carried ? > did you even read this thread before suggesting your comments ? > > even the start of your thread "trust the force" is so arrogant, and while i > don't know who carlos is > i would think that even carlos would know that if you intercepted file > access you would have > easily stopped this attack..... > > jeremy was at least constructive, in suggesting i would patch it myself, > but like i said, i don't know NPAPI > nor do i know flash for that matter > > but i do know windows, alex, and whatever flash does internally he cannot > access the disk directly, right ? (of course not) > so just that simple test would have been enough > > and again, if anyone(!) from chrome(!) finds my response offensive, reply > here and i promise never to post here again > with zero hard feelings > > nakro > > > > --~--~---------~--~----~------------~-------~--~----~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~----------~----~----~----~------~----~------~--~---
