On 3 Jan 2006, at 20:38, Chipp Walters wrote:


I'm just not a fan of securemode, especially if one is trying to create a real application which runs from the web.

I agree with you there. Its limitations are pretty crushing.

Your idea is interesting. But I'm not comfortable with the idea of registering "safe" stacks. And I'm also not sure how stacks can be determined as "safe". I see there being two types of "unsafe" stack: those with malicious intent and those which are just badly programmed. Both are capable of damage. So I'm still hoping for a way to prevent stacks from doing damage, but without the current secureMode limitations.

One idea I've toyed with is to always run the "stackRunner/player" app in secureMode, but have a "helper app" which runs in parallel, and which is not in secure mode. The main app would communicate with the helper app over a socket using a private protocol. The helper app would perform a limited number of actions that secureMode prohibits. For example, write to a "cache" folder, launch a limited number of applications, run some predefined shell commands, etc. (I'm thinking of a variety of "stack runner" type apps that serve different purposes, so the "allowed" actions might vary among implementations.) The main app would have an API which is open to other stacks and which would allow them to take advantage of the helper app.

I believe the Dreamcard Player uses a helper app like this to store preferences, even when in secureMode. But I haven't looked into it in great detail.

I'd be interested to hear from anyone that has tried to implement something like this. Right now it's only an idea in my head, and before having a go I'd appreciate any advice/warnings of possible pitfalls.

Cheers
Dave




_______________________________________________
use-revolution mailing list
use-revolution@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution
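
The helper-app design described in the message above, sketched as an added example that is not part of the original post and is written in Python rather than Revolution. The JSON-lines protocol, action names, cache location and port are all assumptions made for illustration; the helper accepts only allowlisted actions, confines writes to the cache folder, and lets the client choose a predefined command by key without ever supplying the command line.

```python
import json, socketserver, subprocess, sys, tempfile
from pathlib import Path

CACHE_DIR = Path(tempfile.gettempdir()) / "stackrunner-cache"  # hypothetical location
# Predefined commands: the client picks a key, never supplies argv itself.
COMMANDS = {"pyversion": [sys.executable, "--version"]}        # hypothetical entry
MAX_WRITE = 64 * 1024  # cap on a single cache write, in bytes

def cache_write(req, cache_dir):
    name, data = req.get("name"), req.get("data")
    if not isinstance(name, str) or not isinstance(data, str):
        raise ValueError("name and data must be strings")
    if len(data.encode()) > MAX_WRITE:
        raise ValueError("data too large")
    root = cache_dir.resolve()
    target = (root / name).resolve()   # resolves ../ and symlinks before the check
    if target.parent != root:          # rejects traversal, absolute paths, subfolders
        raise ValueError("path escapes cache folder")
    root.mkdir(parents=True, exist_ok=True)
    target.write_text(data)
    return {"written": target.name}

def run_command(req, cache_dir):
    argv = COMMANDS.get(req.get("id"))
    if argv is None:
        raise ValueError("command not allowed")
    out = subprocess.run(argv, capture_output=True, text=True, timeout=5)
    return {"exit": out.returncode, "stdout": out.stdout}

ACTIONS = {"cache_write": cache_write, "run": run_command}  # the whole allowlist

def handle_request(line, cache_dir=CACHE_DIR):
    """One JSON request per line in, one JSON-serialisable reply out."""
    try:
        req = json.loads(line)
        action = ACTIONS.get(req.get("action")) if isinstance(req, dict) else None
        if action is None:
            raise ValueError("action not allowed")
        return {"ok": True, **action(req, cache_dir)}
    except (ValueError, TypeError, OSError, subprocess.SubprocessError) as exc:
        return {"ok": False, "error": str(exc)}

class Handler(socketserver.StreamRequestHandler):
    def handle(self):
        for raw in self.rfile:  # one request per line
            reply = handle_request(raw.decode("utf-8", "replace"))
            self.wfile.write(json.dumps(reply).encode() + b"\n")

if __name__ == "__main__":
    # Loopback only, hypothetical port; binding to 127.0.0.1 is not authentication.
    socketserver.TCPServer(("127.0.0.1", 5599), Handler).serve_forever()
```

Because any local process can connect to a loopback socket, a real helper would also need some way to authenticate the main app before honouring requests.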