In message <[email protected]>, Dean Anderson writes:
>I was looking at tiddlywiki today, after the nice talk about tiddlysnip >by John and Adam on Wednesday. I noticed that tiddlywiki wants to have >you turn on "run and install software" file privileges in firefox. Using the FirefoxPrivilegesPlugin for tiddlywiki (which can be viewed from: http://svn.tiddlywiki.org/Trunk/contributors/XavierVerges/plugins/FirefoxPrivilegesPlugin.js) I set the rights: Run or install software on your machine - UniversalXPConnect Read and upload local files - UniversalBrowserRead The first is for reading/writing files on disk and is needed only if you want to write the tiddlywwiki. If you are using it in read only mode, it doesn't need these rights (but using it in read only mode isn't useful in a lot of cases). The second is only needed if you want to use one of the public tiddlywiki servers. I don't run with any privs on my tw's other than these two. I thought the plugin manipulated the user.js file but I just looked at mine and I don't see the appropraite entries. >I googled a bit, and I see one can finese the per-file privileges in the >user.js file. But distributing user.js prefs seems to be unworkable if >you tiddlywiki is going to be a on flash drive. Possibly. If you use portable firefox on the usb drive then it's possible to set its user.js apporpriately if the drive maps properly to the same letter (I have my drive set up to use G). If you are running across multiple platforms, then yeah it's inconvenient to say the least. >Script signing seems to be the other alternative. Yes, but IIRC script signing requires a second file that has the signature located in it which kind of breaks the single file model of tiddlywiki. >So I am wondering what you tiddlywiki users are doing for security? When I built a tiddlywiki application/vertical to support a class I was teaching, I was very careful at obtaining the code and plugins from known distribution locations and in a couple of cases auditing plugins myself. Plugins are more easily audited since they are tiddlers that are tagged with systemConfig and are visible in the tiddlywiki framework (as compared to the background code that you have to use a normal editor to view the html file). I can't comment on the feasability of hijacking a tiddlywiki via XSS from another website, but bringing this question up on the google tiddlywiki group http://groups.google.com/group/TiddlyWiki will probably elicit more answers than this list will. (and you also reminded me that I do need to make sure to caveat all my tiddlywiki talks as well) -- -- rouilj John Rouillard =========================================================================== My employers don't acknowledge my existence much less my opinions. _______________________________________________ bblisa mailing list [email protected] http://www.bblisa.org/mailman/listinfo/bblisa
