CarlosRivera writes:
> I like the idea of a few categories that would be. It would also be
> cool to take all the high risk stuff and treat it like the cookies.
> I.e. if you go to a sight that uses javascript (or java or flash), it
> pops a dialog and asks:
>
> - allow
> - disable
> - use settings based on category 3 (High Risk) (drop down list of
> categories).
> - apply settings for page, session, always (drop down list)
You could have settings like Enable/Disable/Ask. If the site is in a
category set to Enable, the corresponding action is taken silently. If
the setting is Disable, the corresponding action is not done at all,
again silently. If it is Ask, the user is asked whether or not to carry
out the action ("Do you want to allow Javascript to run on this page?").
> The other option that I would like is to spin off a separate process for
> the browser.
That sort of thing is OS-specific. UNIX has a low process startup cost
and processes have a simple structure, so spinning off a process costs
almost nothing and is very handy sometimes. Other operating systems
incur a high cost for process instantiation and may not work well with
this architecture. So it has to be different for each OS for best
performance.
In any case, that's not a security issue.
--
Anthony
_______________________________________________
Mozilla-security mailing list
Mozilla-security@mozilla.org
http://mail.mozilla.org/listinfo/mozilla-security
