Roadmap Scratchpad: Difference between revisions

Jump to navigation Jump to search

Roadmap Scratchpad (view source)

Revision as of 00:07, 8 November 2005

2 bytes removed ,  8 November 2005
m
→‎Miscellaneous platform improvements
Line 102: Line 102:
In addition to the above new and enhanced capabilities, there are several important areas of improvement that resist even the preceding attempt at categorization.  They are no less important for that mismatch.
In addition to the above new and enhanced capabilities, there are several important areas of improvement that resist even the preceding attempt at categorization.  They are no less important for that mismatch.


The security model for web content relies on careful management of trust labels, the mixing of which has long been known to security researchers as a source of significant danger.  Also, Gecko's support for content with elevated privileges, derived from the Java privilege model from the time of Netscape 2, does not sufficiently distinguish between web applications which can be trusted to not spoof application UI or attempt to "drive by" extension installation, and those which seek to run arbitrary code on the host machine or perform unrestricted operations on the local filesystem.  Building on successful research from the programming-language security community; lessons from Java and .NET; and our own person-centuries of experience building and reinforcing web security models, we seek to provide a richer and more reliable model of trusted execution, and especially "partially-trusted" execution.
The security model for web content relies on careful management of trust labels, the mixing of which has long been known to security researchers as a source of significant danger.  Also, Gecko's support for content with elevated privileges, derived from the Java privilege model from the time of Netscape 4, does not sufficiently distinguish between web applications that can be trusted not to spoof application UI or attempt to "drive by" extension installation, and those that seek to run arbitrary code on the host machine or perform unrestricted operations on the local filesystem.  Building on successful research from the programming-language security community; lessons from Java and .NET; and our own person-centuries of experience building and reinforcing web security models, we seek to provide a richer and more reliable model of trusted execution, and especially "partially-trusted" execution.


Extensions have proven to be a very valuable mechanism for extending and improving Firefox and other "toolkit" applications.  More sophisticated dependency handling, streaming or stubbed install, and cross-application extension management will be combined with support for additional types of extensions such as language packs and search tools.  Combined with application-level improvements in overlay-point freezing or other such advancements, these should provide significant benefits to developers of extensions to Gecko 1.9-hosted applications.
Extensions have proven to be a very valuable mechanism for extending and improving Firefox and other "toolkit" applications.  More sophisticated dependency handling, streaming or stubbed install, and cross-application extension management will be combined with support for additional types of extensions such as language packs and search tools.  Combined with application-level improvements in overlay-point freezing or other such advancements, these should provide significant benefits to developers of extensions to Gecko 1.9-hosted applications.
Brendan
Confirmed users, Bureaucrats and Sysops emeriti
419

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/13330"

Navigation menu