Hi guys, I've been lurking on the Gnash mailing list for a while, but felt compelled to speak out when the discussion turned to the security model.
Currently, there's talk about completely disregarding the crossdomain security policy in the Gnash player, leaving Gnash wide open to crossdomain scripting attacks. I'm just wondering how people feel about this... Although Gnash is a minor concern now, there is also movement from the mozilla foundation towards bundling it with Firefox, which could mean massive uptake of the player. This could concievably give it leverage as an alternative (or default) install of the flash player. How do people feel about this? I'm definitely happy about the existence of Gnash, but I'm worried about the potential for abuse should the security precautions be discarded, and, more significantly, about the potential for fragmentation of the platform. So my question is this - what would be the likely consequences, to the flash ecosystem, sould an alternative flash compatible platform gain, say (hypothetically) 20% of the market? How likely would this be to change the way you author flash content? Does it seem like a major concern? What if the two versions were not functionally identical? I feel that this could be detrimental to everyone. Just speculating, Alias _______________________________________________ osflash mailing list [email protected] http://osflash.org/mailman/listinfo/osflash_osflash.org
