On Jun 22, 2010, at 4:47 PM, Bill Appleton wrote:

> this IS sandboxed --- it's in a separate process

That’s not what “sandboxed” means. It refers to a process that’s running with 
reduced privileges, i.e. it only gets to “play in the sandbox” without having 
full access to the computer. For example, maybe it can only access part of the 
filesystem, or can’t create windows, or can’t open network sockets, or 
whatever. (OS X has a pretty complex set of privileges that can be individually 
disabled for sandboxed processes.)

I’m not sure what the eventual solution’s going to be for sandboxing plugins, 
since some of them legitimately need such access. (Flash stores cookies in your 
home directory, and some Flash widgets can access webcams, for instance.) But 
it’s probably a good idea to make as few assumptions as possible about what 
environment you’re running in.

The Chrome project is working on a new plugin API to eventually replace the 
NPAPI; have you looked at it?

—Jens

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
