Boris Zbarsky wrote:
JoeS wrote:
Mail and news have very different security needs IMHO
That may well be. Might be worth filing a bug on that. I suspect the
default configuration would still have the same prefs set for both of
them, though...
-Boris
https://bugzilla.mozilla.org/show_bug.
JoeS wrote:
Mail and news have very different security needs IMHO
That may well be. Might be worth filing a bug on that. I suspect the default
configuration would still have the same prefs set for both of them, though...
-Boris
___
dev-security m
Boris Zbarsky wrote:
JoeS wrote:
Yes, but only if you know that default policies have been violated.
Er... you can set up policies even if nothing has been violated.
I think at least an alert should be done here
So a site can go into an endless alert loop by violating a security
policy in
Ka-Ping Yee wrote:
We should scrap all this and do something better.
I'm really glad to see that there's interest in a new and better
design.
Me too.
One thought I had the other week is to enable privileges implicitly
based on "latent trust": site has good CA-signed cert, you've connected
Brendan Eich wrote:
> One thought I had the other week is to enable privileges implicitly
> based on "latent trust": site has good CA-signed cert, you've connected
> with SSL, you've got a password saved for this site, you are logged in.
>
> Such a site could have some awesome powers, but not supe
JoeS wrote:
Yes, but only if you know that default policies have been violated.
Er... you can set up policies even if nothing has been violated.
I think at least an alert should be done here
So a site can go into an endless alert loop by violating a security policy in a
setInterval? No, t
Boris Zbarsky wrote:
JoeS wrote:
Unfortunately, "this does not work" equates to "this software is not
capable" for most users. Let the user know when pref controlled
capabilities are violated at least.
Feel free to suggest UI for this. I don't see a good option yet.
http://piro.sakura.ne.jp
JoeS wrote:
Unfortunately, "this does not work" equates to "this software is not
capable" for most users. Let the user know when pref controlled
capabilities are violated at least.
Feel free to suggest UI for this. I don't see a good option yet.
How far do you have to dig to find that capabi
Boris Zbarsky wrote:
It looks like this list might actually work for security discussion, so
here goes... ;)
At the moment, our expanded-capability architecture suffers from four
issues:
1) It's only possible to expand capabilities for a JS stack frame, not
for a web page in general, unle
> We should scrap all this and do something better.
I'm really glad to see that there's interest in a new and better
design.
> One thought I had the other week is to enable privileges implicitly
> based on "latent trust": site has good CA-signed cert, you've connected
> with SSL, you've got a pas
Boris Zbarsky wrote:
Brendan Eich wrote:
One thought I had the other week is to enable privileges implicitly
based on "latent trust": site has good CA-signed cert, you've
connected with SSL, you've got a password saved for this site, you are
logged in.
Such a site could have some awesome pow
Brendan Eich wrote:
The better course in my view is to take charge of our destiny.
That would be preferred (though we may need a backwards-compat shim for the
three or four capabilities we support now).
One thought I had the other week is to enable privileges implicitly
based on "latent tru
Boris Zbarsky wrote:
It looks like this list might actually work for security discussion, so
here goes... ;)
At the moment, our expanded-capability architecture suffers from four
issues:
At least four!
1) It's only possible to expand capabilities for a JS stack frame, not
for a web page
It looks like this list might actually work for security discussion, so here
goes... ;)
At the moment, our expanded-capability architecture suffers from four issues:
1) It's only possible to expand capabilities for a JS stack frame, not for a
web page in general, unless one says to never ask
14 matches
Mail list logo