Re: [Gnash-dev] Extensions and GNASHRC

gnash-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnash-dev] Extensions and GNASHRC

From:	Eric Hughes
Subject:	Re: [Gnash-dev] Extensions and GNASHRC
Date:	Fri, 25 May 2007 11:03:18 -0600

At 10:43 AM 5/25/2007, Sandro Santilli wrote:

Comments welcome.

The "correct" default, from a security point of view, is always "donothing", because then there's no risk of malfunction. Leaving extensionsoff by default is just fine, and is likely the right way to behave permanently.

Now turning them back on in the way you've done, well, I don't think it'slong-term solution. But you weren't looking for one. It'll do for now.

The long-term issue is granularity of authorization and the algebra ofgrants of such. The variable "EnableExtensions" might be sufficient toenable them for any .SWF (certainly the wrong thing) or might be necessaryfor enablement, requiring some other grant (possibly OK) or might beremoved in favor of another mechanism. I see no need to decide now.


Eric

[Prev in Thread]

Current Thread

[Next in Thread]

[Gnash-dev] Extensions and GNASHRC, Sandro Santilli, 2007/05/25
- Re: [Gnash-dev] Extensions and GNASHRC, Eric Hughes <=

Prev by Date: [Gnash-dev] Extensions and GNASHRC
Next by Date: [Gnash-dev] FSF copyright notices slightly off
Previous by thread: [Gnash-dev] Extensions and GNASHRC
Next by thread: [Gnash-dev] FSF copyright notices slightly off
Index(es):
- Date
- Thread