> sun, hi, this is very useful categorisation. i've added what you > wrote as a section here: > https://wiki.mozilla.org/Apps/Security#Types_of_Runnables Call me 'Haitao'. That is my given name.
> i'm going to add a type 4 as well, if that's ok, which is the > conceptual equivalent of "/usr/local" > > https://wiki.mozilla.org/Apps/Security#Other_.28topics_that_don.27t_fall_into_above_proposals.29 I believe this should be a sub-type of type 1. > i have to say that the idea of dynamic loading of gaia apps makes me > rather twitchy. especially as you can achieve the same result by > going through the "install" process, and get better security all > round. both require a network connection, so why would you bypass the > security process? :) > > ... or were you referring to something else? But this is how today's web sites work. This is what web developers and users know best. This also provides very (if not the most) smooth experience of deployment. I'm afraid that forcing all web apps using a different deployment mechanism is neither good nor practical. I think we need a solution to make web apps work like native apps and be built like web sites. _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security
