After all these years I'm still uneasy about Mozilla security so can anyone
clarify ??
I want to allow users to install to "safe" zipped files
My basic understanding is that all chrome references implicitly support
privileged operations
Therefore I want to allow the installation of "chrome-like" zip files .
Such "safe" files have no security privileges so any XUL files or calls to
Mozilla interfaces will be ignored
Assuming this folder is called NonChrome
Mozilla
Chrome
NonChrome
then ANY users can install zipped files into NonChrome but STILL use the
chrome mechanism to refer to the zipped files without security issues.
1) Does this seem reasonable and does it mean
a) creating a "NonChrome" protocol??
b) creating a separate "NonChrome" rdf directory and installation
mechanism??
2) .. or is there a simpler solution ?????????
PS In an ideal word, I would like to have is a folder structure like
Mozilla
Chrome
Privileged
NonPrivileged
_______________________________________________
Mozilla-security mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-security
