Re: [dev] surf rewrite for WebKit2GTK

From: M Farkas-Dyck <strake888_AT_gmail.com>
Date: Tue, 28 Oct 2014 19:04:23 -0500

On 28/10/2014, Daniel Camolês <bigatojj_AT_gmail.com> wrote:
> Capability mode would require the target operating system to have this
> kind of feature.

Yes.

Capsicum [1] works on FreeBSD and Linux and is being ported to OpenBSD.

Plan 9 already has its own security model [2].

> Given a world that has more than one operating
> system working on people's computers, maybe it is simpler to port a vm
> than implement capability mode everywhere?

VM is an option, though a less versatile one. We could use capabilities
where available and VM elsewhere.

>> Most program distribution systems that I know share this problem. It
>> is the user's responsibility to properly confine untrusted code.
>
> Well, I can't say that to the grandma who wants to see her grandsons'
> pictures on the Internet.

No, but you can install a trusted graphics viewer program.

[1] http://www.cl.cam.ac.uk/research/security/capsicum/
[2] http://plan9.bell-labs.com/sys/doc/auth.html
Received on Wed Oct 29 2014 - 01:04:23 CET
