Andre Garzia wrote:


On Jul 26, 2004, at 1:18 PM, Kevin Miller wrote:

The Player application is by default configured to have secureMode turned
on. This makes it "secure" preventing a stack from destroying a user's hard
drive. However, the end user does have the option to turn off secureMode as
a preference included with the Player, so if you have a stack you want to
distribute you need to tell the end user to turn this option off if they
want to be able to save data. In a future version we may look more closely
at an intermediate "level" of security, right now the user must be asked to
turn this off.

What about a sandboxed environment, like a function to save a stack and another to load. You cannot specify where to save for the Dreamcard app will save it to its own folder. This way we can save stuff and load stuff, and there will be no harm in it. Also we could only save and load stacks. Maybe this handler could be something like secureSave and secureLoad. The user could be prompted and asked if he would allow to save or load from this app, much like the Apple Keychain does.

What about this approach, it can be easily implemented without altering Dreamcard code, this could be done in transcript level, no need to put that on the engine itself... it could be done in a couple of hours and would make big time for us...

Any changes to the behavior of secureMode must be done in the engine. If they are handled in script then a script can change the behavior, leaving the door open to hackers.


An engine-level solution has been bandied about in Bugzilla:
<http://www.runrev.com/revolution/developers/bugdatabase/show_bug.cgi?id=867>

Until such a change is made at the engine level, I agree with Kevin's position of erring on the side of safety.

--
 Richard Gaskin
 Fourth World Media Corporation
 ___________________________________________________________
 [EMAIL PROTECTED]       http://www.FourthWorld.com
_______________________________________________
use-revolution mailing list
[EMAIL PROTECTED]
http://lists.runrev.com/mailman/listinfo/use-revolution
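
Added example, not part of the thread and not Revolution or Dreamcard code: a small Python model of the point made in the reply above, that a save restriction enforced only in replaceable script handlers can be bypassed by a script, while a check in the engine's own write primitive still holds. The Engine class, its handlers table, hostile_stack and the file names are constructed for illustration; secureSave is the handler name proposed in the thread.

```python
import os
import tempfile


class Engine:
    """Toy host. Assumption: scripts can reach `handlers` and call `write`."""

    def __init__(self, sandbox_dir, enforce_in_engine):
        self.sandbox = os.path.realpath(sandbox_dir)
        self.enforce_in_engine = enforce_in_engine
        self.handlers = {"secureSave": self.secure_save}  # script-replaceable

    def secure_save(self, name, data):
        # Script-level rule from the proposal: caller picks a name, not a place.
        if name != os.path.basename(name) or name in ("", ".", ".."):
            raise PermissionError("secureSave: bare file names only")
        return self.write(os.path.join(self.sandbox, name), data)

    def write(self, path, data):
        # Disk primitive. The engine-level check lives here, below every handler.
        real = os.path.realpath(path)
        inside = os.path.commonpath([real, self.sandbox]) == self.sandbox
        if self.enforce_in_engine and not inside:
            raise PermissionError("engine: write outside sandbox refused")
        with open(real, "wb") as fh:
            fh.write(data)
        return real


def hostile_stack(engine, target):
    # Constructed untrusted script: replaces the handler, then saves elsewhere.
    engine.handlers["secureSave"] = lambda name, data: engine.write(name, data)
    try:
        engine.handlers["secureSave"](target, b"x")
    except PermissionError:
        return False
    return os.path.exists(target)


def demo():  # returns {enforce_in_engine: did the outside write succeed}
    results = {}
    for enforce in (False, True):
        with tempfile.TemporaryDirectory() as root:
            sandbox = os.path.join(root, "sandbox")
            os.mkdir(sandbox)
            engine = Engine(sandbox, enforce_in_engine=enforce)
            engine.handlers["secureSave"]("prefs.dat", b"ok")  # legitimate save
            results[enforce] = hostile_stack(engine, os.path.join(root, "outside.dat"))
    return results
```

With the check only in the script-level handler, the replaced handler writes outside the sandbox; with the check in the write primitive, the same replacement is refused.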
