[webkit-dev] Security advice for linux browsers based on WebKit

Adam Barth abarth at webkit.org
Mon Aug 24 09:12:41 PDT 2009


On Mon, Aug 24, 2009 at 6:11 AM, Gustavo Noronha Silva<gns at gnome.org> wrote:
> I am saying that we should be careful not to design things with 'Linux
> is mostly used in enterprise settings' in mind.

Ah, I see.  Yes, this makes sense.  My experience with Linux is mostly
in universities where these sorts of file systems are the norm.

> So, to clear up my position regarding the actual meat of the proposal: I
> agree this is an important security concern. Doing that in libraries
> right now will break API expectations, though, so I think if it is done,
> this should be done first by documenting the intent to change, and then
> changing after a reasonable amount of time. Of course browser
> applications can do it right now, though =)

By way of context, Firefox has had this mitigation for several years
on all platforms.  IE has had an even more onerous mitigation for a long
time (basically they punt the decision to the users with a "click here
to be hacked" experience).  Chrome has had this mitigation since day
1.

I think the main compatibility risk is in non-browser uses of WebKit
where it's difficult for us to assess the risk without knowing the
application.

Where do you think we should document our intent to change?

Adam

