[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnash-dev] Building in security

From: Eric Hughes
Subject: Re: [Gnash-dev] Building in security
Date: Thu, 26 Apr 2007 13:34:37 -0600

At 12:08 PM 4/26/2007, Rob Savoye wrote:
  Currently the only security in Gnash is a simple whitelist/blacklist
of URLs to not load content from. This is more like Adblock, than real
security though,

1) Agreed, whitelist/blacklist is insufficient in general, but these lists do support common use cases. Regardless of whatever underlying mechanisms are used, having direct UI access to these lists should be retained. And retained even if these lists do not fully cover all security permissions.

2) Adblock is excellent in practice because, regardless of its specific blocking mechanisms, has a subscription service for updating local tables. This is invaluable, given that the mechanisms that "really work" presume unavailable infrastructure, such as self-verifying code (which might someday exist) and signed code (which requires PKI, which no one has yet made work widely).

3) A "full" solution, to my eye, will seem to include the moral equivalent of jail(1) for the AS virtual machine, where we jail not just the file system but every external resource that's visible in AS. The idea then is that every script executed is jailed by default unless granted specific permission otherwise.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]