[e-lang] java.awt.dnd.DropTarget unsafe?
marcs at skyhunter.com
Sun Jul 16 17:52:12 EDT 2006
While the idea of letting the use interact directly with contained
object sounds attractive, in the absence of new insights on how to
create the trusted path to contained objects, the number of games the
container can play to place itself into a position of intermediation is
entertainingly large. Without new insights, the user's only chance is to
treat the application as a monolithic trust realm, and if the user
doesn't want to grant a certain authority to a particular app, launch a
different app to which the user can establish a new trusted path. The
new app would, in this scenario, be the previously contained component
Kevin Reid wrote:
> Ignoring the limitations of AWT, this restriction could also be
> provided by allowing containers to intercept drag events before their
> contents see them. This makes the restriction you describe
> implementable on a finer-grained basis.
> However, it would slightly break another property (which the AWT/
> Swing taming also doesn't provide): that a component can directly
> interact with the user, without being affected by its container. This
> is important if the component holds more authority than the container.
More information about the e-lang