Point taken. What about providing a way for a third-party sandbox to allow itself to be invoked by chrome with specified domain and in turn it would run the tab process? Chrome wouldn't get involved in system-level stuff but that way it would be possible to get that level of sandboxing by using chrome in combination with such a product. I realize this isn't very concrete (yet) but I'm just wondering what you think...
-david

On Sep 26, 10:23 pm, "Carlos Pizano" <[EMAIL PROTECTED]> wrote:
> Sandboxie requires one or more drivers, we don't want to get into that
> kind of intrusive OS modification. However, I welcome any concrete
> idea that does not involve drivers or system level services.
>
> -cpu
>
> On Tue, Sep 23, 2008 at 9:05 PM, david [b] rosen <[EMAIL PROTECTED]> wrote:
>
> > Sandboxing the browser tabs themselves is a big improvement over
> > firefox/ie, but I feel that it isn't enough. Any files downloaded
> > should remain jailed in a sandbox specific to the domain of its
> > origin, until and unless the user explicitly moves any of them out of
> > the sandbox. I'm envisioning this being similar to one of the
> > third-party sandbox programs like Sandboxie, but instead of everything going
> > into one (or one of a few) explicitly-defined sandbox(es), a separate
> > sandbox should be created automatically for each domain as needed.
>
> > Of course we need a way to open such documents within the sandbox,
> > meaning that the application that opens it should be a separate
> > instance that is tainted to be able to write only within the sandbox.
> > I think some of the sandbox utilities do this, and Vista does
> > something similar by effectively separating domains by their
> > "integrity level," but it does not separate them by domain, so there's
> > nothing to stop malware from one site from modifying the data that you
> > send to another site of the same integrity level.
>
> > I know this is getting more towards the operating system level, but
> > what do you think?
>
> > david rosen
