[cap-talk] Google Chrome - web browser with sandboxed rendering

Ben Laurie benl at google.com
Fri Sep 5 04:52:15 CDT 2008


On Thu, Sep 4, 2008 at 10:39 PM, James A. Donald <jamesd at echeque.com> wrote:
> Ben Laurie wrote:
>> I agree that the problem of making the security decisions is
>> considerably harder than that of enforcing them.
>
> Hence the powerbox user interface model of piggybacking permission on
> designation.

This particular assertion is beginning to really bug me. Designation
works fine for files, maybe, and for drag'n'drop, even more maybe (are
you granting read? write? a communications channel? is it permanent or
temporary? etc). But I've yet to see any evidence that it makes any
sense at all in the context of, for example, sockets.
