Firefox security strategy (was: Firefox goodies)
Kevin D. Clark
kevin_d_clark at comcast.net
Thu Dec 29 17:16:01 EST 2005
Ben Scott writes:
> To some extent, but not completely. Certainly, at one point in its
> history, Java was being sold as an ideal "sandbox" for things like
> client-side intelligence in web pages.[1] However, it was still
> designed around the idea of a general-purpose programming language
> which could be locked up if you didn't want the danger getting out of
> the web page. You still have this whole "security model" of what can
> be done, when, and to what.
So do you like a security model or not? To me you're sending mixed
signals here. To me, a system that is designed from the ground up with
security in mind has a security model.
I'm pretty sure we both agree that security by design is better than a
"let's bolt on some security later!" scheme.
> What I think would be better for web pages would be preventing the
> danger from being possible in the first place. Something with
> deliberately limited functionality, designed around web pages. The
> syntax and semantics might be a proper subset of something larger, but
> functionality should be chopped off, and quite sharply, at the end of
> the web page.
Sounds like you'd like a better/more-well-designed JavaScript.
> And on the gripping hand, none of this solves the problem of buffer
> overflows and other stupid implementation mistakes that even Firefox
> suffers from.
Java and applets were better than most in this respect.
Let me give my opinions:
1: If JavaScript was better/safer/more-consistent/portable this would
be a good thing.
2: OTOH, I'd hate to clamp down so much on the design of JavaScript
(or some future replacement) such that some interesting
service/feature couldn't be realized by this technology. Remember
what Doug Gwyn said about Unix:
    UNIX was not designed to stop you from doing stupid things,
    because that would also stop you from doing clever things.
Kind of the same thing for JavaScript. I for one am pretty sure
that my tiny little brain can't think of every possible future use
for such an extension language.
2: Java applets could address a lot of what you're asking for.
You're asking for a well-defined and secure technology that allows
arbitrary programs delivered with web-pages to execute in your
browser. I can't think of anything that matches these criteria more
than a Java applet. However...
3: The problem with Java is that it isn't ubiquitous, many feel that
it is too heavyweight, it still suffers from the fact that a large
well-known company would rather see it disappear, and many don't
care for the way that Sun controls the core of the language.
There are also some quibbles with the design of the core of the
language, but these complaints aren't quite as prominent.
And, so, here we are.
Regards,
--Kevin
--
GnuPG ID: B280F24E