Nelson Bolyard wrote: > Jonas Sicking wrote, On 2008-08-11 20:33: > >> I would strongly recommend against using signed files at all. It's >> something that we want to get rid of since the security model is so poor. > > Jonas, please enlighten us with an explanation of that claim.
Signed files are a bad security model. It gives the page way more access than they should have, thus potentially putting users at risk. Hence we want to get rid of it. / Jonas _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security