On Wed, Aug 5, 2009 at 6:03 PM, cpu <c...@chromium.org> wrote:
>
>
> On Aug 4, 3:36 pm, nakro <yoav.zilberb...@gmail.com> wrote:
> > Ian, i have a lot of respect to you chrome devs, but i could never
> > figure why
> > you don't just punch holes in the sandbox when Flash or Java or maybe
> > even Reader work....
> >
>
> In general because sandboxing code that you don't have the source code
> and can update at any time is asking for trouble.
>
> There are several things that are hard to open holes to for flash, for
> example its own self update.
In addition, I think the holes you'd have to open would make it very easy
for someone to break out of the sandbox. Of course, most exploits not
specifically targeted at Chromium would be foiled....so there still is
some benefit.
J
--~--~---------~--~----~------------~-------~--~----~
Chromium Developers mailing list: chromium-dev@googlegroups.com
View archives, change email options, or unsubscribe:
http://groups.google.com/group/chromium-dev
-~----------~----~----~----~------~----~------~--~---
