[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnash-dev] Building extensions
From: |
strk |
Subject: |
Re: [Gnash-dev] Building extensions |
Date: |
Wed, 2 May 2007 11:35:50 +0200 |
On Wed, May 02, 2007 at 11:24:34AM +0200, Udo Giacomozzi wrote:
> Hello Rob,
>
> Thursday, April 26, 2007, 6:28:51 PM, you wrote:
> >> "Do you think that a command-line switch to allow the use of specified
> >> extensions is enough?"
>
> RS> No. I'd rather we have an actually thought out security plan instead.
> RS> We could add an option like that for now, but it's be a temporary fix
> RS> when we should really focus on the correct solution, whatever that is.
>
> I'd like to *remind* that the MM player pops up a confirmation dialog
> when accessing the webcam, for example. This *could* be a solution for
> the FileIO problem too.
Yes, more callbacks to the GUI will be needed for this.
> Anyway, I see some important things:
>
> - extensions should be enabled at compile time explicitly (they will
> probably be used only for special cases)
They are already.
> - the user should know in some way when a security relevant extension
> is being used by a movie (I would not want that my browser allows
> full file system access to any movie I see on a web page)
We have a log_security() function which is currently used for loading resources.
We should use it for FileIO and similar things too, even if for just saying:
we're allowing this (so the user knows).
> - in certain cases, extensions should be allowed explicitly and
> without bothering the user (important for embedded designs)
Wouldn't a config file be enough ?
--strk;