dieter at plaetinck.be
Mon Jan 4 09:30:29 PST 2010
For the uzbl browser (www.uzbl.org) we want to give users the ability
Extra privileges = executing uzbl commands which can do many actions,
such as executing shell commands.
But at the same time, we want js scripts from the users to be able to
modify the DOM of webpages.
The extra privileges should obviously never become available to
Currently we implemented the so-called "Uzbl" object which
has a 'run' method. See the 'eval_js' function in
http://github.com/Dieterbe/uzbl/blob/master/uzbl-core.c for our current
It was brought to my attention that given the way js works (you can
change core DOM functions such as window.addEventListener or
document.createElement), stack/object inspection, and maybe more (mind
you: I'm not familiar with how JS works at all, hence this mail) the
Uzbl object can "leak" to the scope of the js scripts of a website, which is
See for a sample exploit:
Can you advise us on how to tackle this topic?
Is there a clean solution for this problem?
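The leak described in the mail, as an added model that is not part of the original message and is not uzbl code: "page" code replaces a stand-in `document.createElement` and records whether a privileged object becomes reachable when a user script calls it. The three delivery modes (`global`, `param`, `strict-param`), the stub `Uzbl` object and all sample scripts are assumptions constructed for the demonstration; how `eval_js` actually exposes the object is not shown on this page.

```javascript
// Constructed model. Nothing here is taken from uzbl-core.c.
function makePage() {
  const leaked = [];                                  // paths by which page code reached Uzbl
  const doc = { createElement: (tag) => ({ tag }) };  // stand-in for a core DOM function
  // new Function yields sloppy-mode code, like an ordinary page script.
  new Function('document', 'leaked', `
    var orig = document.createElement;
    document.createElement = function (tag) {         // page replaces the DOM function
      if (typeof Uzbl !== 'undefined') leaked.push('global');
      try {
        var c = arguments.callee.caller;               // stack inspection
        if (c && c.arguments[0] && typeof c.arguments[0].run === 'function')
          leaked.push('caller');
      } catch (e) { /* inspection refused */ }
      return orig(tag);
    };`)(doc, leaked);
  return { doc, leaked };
}

// Constructed user script: touches the DOM, then uses the privileged object.
const USER_SCRIPT = "document.createElement('div'); Uzbl.run('constructed-command');";

// Runs the user script with Uzbl delivered in the given way and returns
// the list of paths through which the page-controlled wrapper could see it.
function probe(mode) {
  const { doc, leaked } = makePage();
  const uzbl = { run: () => {} };                     // stub: executes nothing
  if (mode === 'global') {
    // Object installed on the shared global object for the duration of the script.
    globalThis.Uzbl = uzbl;
    try { new Function('document', USER_SCRIPT)(doc); }
    finally { delete globalThis.Uzbl; }
  } else {
    // Object passed as a parameter of a wrapper function around the script.
    const prologue = mode === 'strict-param' ? "'use strict';" : '';
    new Function('Uzbl', 'document', prologue + USER_SCRIPT)(uzbl, doc);
  }
  return leaked;
}

console.log(probe('global'), probe('param'), probe('strict-param'));
```

The `strict-param` result only shows these two probes failing; it does not cover the "maybe more" the mail mentions, such as a user script that passes the object or a closure over it to a page-controlled function.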