1.0.4 is the proof I needed to escalate this again.
[...] So again: per site java plug-ins/applets control would make FireFox more secure...
There is *no* connexion between the very serious problems that were fixed in 1.0.4 and java/applet.
Honestly I was tempted to stop my answer your message there.
But let's try to be constructive.
What you seem to want would be best be solved, with a more generic thinking, by a method to filter content to remove/inactivate unwanted elements per site.
This is very near to what Adblock does. Per site CSS, or grease scripts is another way.
But still there's no way to know where the attackers will shoot before they do, so you don't know *what* to filter in advance. And when they've done it, the correct solution is to fix the vulnerabilities, not to do filtering around it.
Don't try to create security by using filters, because people will do errors when setting them up, so they will end up insecure.
It works well for pop-up or advertissement, because it's very obvious when you fail, and you can correct from them, but not for actual security risks.
What you're saying here is that java/applets are so dangerous we should remove them. They are not so dangerous, they were the source of only recent vulnerability. And also the same argument could be construed about any functionnality, they always bring some level of security risks. The good solution is not to remove, but to make safe. Or suppress fully if there's no way to make it safe. But you'd better show why exactly it can't be safe, and not rely on generic FUD.
_______________________________________________
Mozilla-security mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-security
