[cap-talk] Javascript power box

[Jed Donnelley]

Cap-talk,

I'm somewhat reluctant to bring up this topic - partly
because it could undercut some of our work and partly
because we seem to be having such a stimulating exchange
without it, but ... it seems to tie somewhat into MarkM's
point about the Javascript sandbox being an example
that contradicts MS's immutable Law #1.  While this
is true, a Javascript sandbox is in many ways a trivial
case with pretty much no authority.

Why has nobody introduced the concept of a "Power Box"
for Javascript programs run in their 'sandbox'?  Perhaps
they have and I just missed it?  The Javascript sandbox
has been around for a very long time.  I'm surprised not
to see the ability to grant programs running in such a
sandbox access to individual local objects, e.g. files.

An obvious example might be a tax preparation program.
You run it off the Web in a Javascript sandbox, give
it write access to a file on your system to store it's
tax data and fill out your tax return.  If you need to
restart it, you give it read access to this intermediate
file.  At some point you ask it to output you tax return
forms in PDF - where you give it access to one more local
file.  You print the PDF file, sign, and send in your
return (or do electronic filing, whatever).

I'm sure everybody can think of many more examples.  Why
hasn't this been done?  If it has been done, maybe somebody
can point me to some examples/literature?  I admit I haven't
been looking out actively for such a thing because I'm
somewhat afraid of it.  Afraid that it might be a crock that
would undercut more effective implementations.  Still, I'd
like to know what is out there in this area.

Is this what the Adobe Integrated Runtime (AIR) is about?
Anybody looked at its UI/protection?  Sorry if I'm a bit
clueless on this topic.  Trying to get informed.

--Jed  http://www.webstart.com/jed/