Anthony G. Atkielski wrote:
At this early stage of Firefox public development, it might be a good time to define a flexible model for controlling exactly what can and cannot be done in the browser by Web pages and sites.
Better now than later. Much easier to include while the code base isn't as large as it will no doubt grow to over time.
Microsoft Internet Explorer had a few interesting controls that allowed some individualization of control, but it didn't go far enough. Firefox has a few controls as well, but it doesn't even go as far as MSIE, whereas it should be going even farther in order to improve security.
For example, consider these suggestions:
- Firefox should define a generous number of security categories into which sites can be grouped, ranging from fully trusted to fully untrusted. There should be security settings for each category appropriate to its level by default, but it should be possible to modify the settings for any category to any degree.
- The settings for each category should cover every single issue that might present a security risk, from the simple display of images to the exact identities of active components or plug-ins that are allowed to execute, with separate control for downloading (I personally don't like the idea of ActiveX or anything like it at all, but I imagine the market will force accommodation of something like this in time). It must be possible to enable or disable Java, JavaScript, active content (preferably by individual module), and anything else that might open a door on the local machine. It should be possible to lock down the browser so tightly that it can barely display anything beyond plain text.
Like the full suite almost does?
I can agree with that.
I have tested my browser against the IDN spoof vulnerability; it passed as not vulnerable, yet the only thing I did was disable Java, JavaScript and deny popup windows.
- It should be possible to specify which sites are in which categories. A default configuration can be provided, and the user should be able to modify this in any desired way. The list of sites for each category should allow not only specific FQDNs for sites, but also resource indicators (http vs. https, ftp, mailto, etc.). Some sort of wildcard provisions must be made as well: domain.com means "only the URL domain.com," *.domain.com means "anything in domain.com or a subdomain of domain.com," and so on. It should be possible to specify both FQDNs and numeric IP addresses.
- Some provision for saving and loading the security configuration should be provided, so that users can load packaged configurations and/or save configurations they have prepared. It should also be possible to load partial modifications (modifying the security settings for only one category, etc.). None of these actions should be possible from within a Web page--it must not be something that a dishonest site could do via a Web page, in other words.
Possible, but a complex proposal.
These enhancements would be a huge step forward for security and would largely eliminate the problems of adware, spyware, viruses, etc., since conscientious users could lock down their Firefox browser to any desired degree.
After using Firefox for a few weeks now, I think the only real hesitation I have in abandoning MSIE is the lack of features such as I've outlined above. MSIE is far from ideal, but it still provides more granular control over security than Firefox does. But if Firefox begins to provide the same control or better, there will be no real reason to retain MSIE for anything.
BTW, I personally don't care if Firefox ever allows anything like ActiveX. I've never encountered a site that had a truly serious and legitimate need to use ActiveX controls, and I think the Web would be better off without them. That includes Flash.
No Flash, no ActiveX, no client-side scripting allowed with Mozilla & Netscape. Won't use anything that doesn't allow a mouse click to remove those functions.
Jaqui
_______________________________________________
Mozilla-security mailing list
Mozilla-security@mozilla.org
http://mail.mozilla.org/listinfo/mozilla-security
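
The site-list matching described in the quoted proposal (`domain.com` as an exact match, `*.domain.com` for the domain and its subdomains, an optional scheme, numeric IP addresses), sketched as an added example; it is not part of either poster's message and not Firefox code. The rule format, the category names, the "most specific rule wins" ordering and the least-trusted fallback are assumptions made for illustration.

```javascript
// Constructed sample policy (hypothetical format): scheme "*" means any scheme.
const RULES = [
  { scheme: "https", host: "bank.example",      category: "trusted" },
  { scheme: "*",     host: "*.bank.example",    category: "limited" },
  { scheme: "*",     host: "*.tracker.example", category: "blocked" },
  { scheme: "http",  host: "192.0.2.10",        category: "limited" },
];

// "domain.com" matches only that host; "*.domain.com" matches the domain
// itself or any subdomain. The wildcard is checked on a label boundary so
// "evilbank.example" never satisfies "*.bank.example".
function hostMatches(pattern, host) {
  pattern = pattern.toLowerCase();
  if (!pattern.startsWith("*.")) return host === pattern;
  const base = pattern.slice(2);
  return host === base || host.endsWith("." + base);
}

// Assumed precedence: exact host > wildcard, longer pattern > shorter,
// explicit scheme > "*".
function specificity(rule) {
  const exact = rule.host.startsWith("*.") ? 0 : 1e6;
  return exact + rule.host.length * 2 + (rule.scheme === "*" ? 0 : 1);
}

// Returns the category for a URL. Anything unparsable or unmatched falls
// into the least-trusted category rather than a permissive default.
function categorize(urlString, rules, fallback = "untrusted") {
  let url;
  try { url = new URL(urlString); } catch { return fallback; }
  const scheme = url.protocol.slice(0, -1);
  // The URL parser lowercases the host, drops userinfo ("a@b" tricks) and
  // canonicalizes numeric IPv4 forms; a trailing root dot is stripped here.
  const host = url.hostname.replace(/\.$/, "");
  let best = null;
  for (const rule of rules) {
    if (rule.scheme !== "*" && rule.scheme !== scheme) continue;
    if (!hostMatches(rule.host, host)) continue;
    if (!best || specificity(rule) > specificity(best)) best = rule;
  }
  return best ? best.category : fallback;
}
```

Matching on the parsed hostname rather than on the raw URL string is what keeps lookalike suffixes, userinfo prefixes and alternate IP spellings from landing in a more trusted category than intended.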