> Hi guys, > > I've been lurking on the Gnash mailing list for a while, but felt > compelled to speak out when the discussion turned to the security > model. > > Currently, there's talk about completely disregarding the crossdomain > security policy in the Gnash player, leaving Gnash wide open to > crossdomain scripting attacks. I'm just wondering how people feel > about this...
Please don't raise the flag when it's not needed :) There is one guy (which doesn't look like a Gnash developer) which want the security model disabled. It doesn't imply that the Gnash team will follow him. I don't think they will. The only "official" statement is the one of Rob Savoye saying he would like to permit the user to manually disable Flash external communications for people concerned about privacy (just like cookies). Nothing fancy here. The project is still at very early stage. There is other important things to do first I guess. Nicolas _______________________________________________ osflash mailing list [email protected] http://osflash.org/mailman/listinfo/osflash_osflash.org
