(Added a section on inter-process sandboxed security) |
Line 71: | Line 71: | ||
* Due to the security dangers of giving chrome privileges to arbitrary javascript, the functionality that gets into Firefox 3.2 should '''not''' include subscription to third-party commands. | * Due to the security dangers of giving chrome privileges to arbitrary javascript, the functionality that gets into Firefox 3.2 should '''not''' include subscription to third-party commands. | ||
== Inter-process Sandboxed Security == | |||
::'''Motivation:''' Exploring the execution of end-user code in a separate process using a technology like the recently open-sourced [http://en.wikipedia.org/wiki/GreenBorder GreenBorder] can help protect end-user machines and also serve as a useful "guinea pig" for applying a similar kind of mechanism to Firefox. | |||
* GreenBorder's source code appears to be [http://src.chromium.org/viewvc/chrome/trunk/src/sandbox/src/pe_image.h?revision=1287&view=markup here]. Understandably, it seems to be tightly coupled to the Windows operating system. | |||
* Using a separate process means we'd probably have to implement some kind of robust, cross-platform IPC mechanism; there may already exist code in Chromium to help us do this. Dan Mosedale also knows of some work that was done a few years ago to help Thunderbird and Firefox exchange information better; the code never ended up being used, but it's still in the trunk. | |||
== Stabilization of Current Feature Set == | == Stabilization of Current Feature Set == |
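Review bot: The new "Inter-process Sandboxed Security" section never says what the separate process is prevented from doing, so the bullets under the Motivation line give no way to judge whether the approach addresses the chrome-privilege danger named in the bullet just above the section. Suggest adding a bullet that states which privileges the process running end-user code would lack and what is allowed to cross the IPC channel mentioned in the second bullet. The first bullet's link also points at a single file, pe_image.h at revision 1287, while the text calls it "GreenBorder's source code"; linking the containing sandbox directory would match the wording better, and the Thunderbird/Firefox code said to be "still in the trunk" needs a path so readers can find it.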