[EMAIL PROTECTED] wrote:
so I assume none exists and the security policies are
implemented as the vendor pleases.
More or less, yes.
If so, do security specs for IE and
Mozilla exist?
Any pointers would be greatly appreciated.
Funny you should ask... there is no such spec for Mozilla yet, but we're working
on one. The initial thought-dump Brendan wrote up is at
<http://wiki.mozilla.org/Security:Strawman_Model>. One of these days I'm going
to post a response to it in this newsgroup, in the "Semi-formally specifying the
JavaScript security model" thread.
-Boris
_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security