[webkit-dev] a simple isolatedworlds alternative for uzbl?
Dieter Plaetinck
dieter at plaetinck.be
Wed Jan 27 12:49:42 PST 2010
Hi guys,
as a continuation of my earlier topic:
https://lists.webkit.org/pipermail/webkit-dev/2010-January/011122.html
We've read more about isolatedworlds (
http://www.adambarth.com/papers/2010/barth-felt-saxena-boodman.pdf et
al)
but given:
1) it's not implemented yet in webkitgtk+
2) it looks kinda complex
3) it doesn't give the impression it's waterproof (for example: "to
select the correct world with reasonable assurance (...)" on page 10
of the pdf)
4) we treat local code as trusted. after all we're talking about small
scripts the user explicitly enables, not untrustworthy addons. we
assume local scripts are written and treated with the same care as the
source code of the browser itself.
we are investigating other directions to solve our issue.
one such approach is can be seen at:
http://github.com/sloonz/uzbl/commit/662d7a1d88b5319877296348e83aa1db2cfc5a62
the idea is that we would only call our special (privileged) object by
'this.Uzbl' and using a different 'this' for the local scripts and the
remote ones.
If we make sure we never pass around the instance of this.Uzbl as
arguments or put it in another object, we *think* we are good.
more info:
http://lists.uzbl.org/pipermail/uzbl-dev-uzbl.org/2010-January/000619.html
http://lists.uzbl.org/pipermail/uzbl-dev-uzbl.org/2010-January/000683.html
is this a good idea? is it safe? will it stay safe?
thanks!
Dieter
More information about the webkit-dev
mailing list