strk wrote:
> Note that loadMovie*, getURL, MovieClipLoader, XML, XMLSocket,
> LoadVars ... all can be used to exchange data with other applications.
Yes, this security option should be extended so people can lockdown
their player as much as they want.
> An --{enable,disable}-security option seems confusing to me.
--with-security=[list]. This seemed the easiest way to list all the
options instead of adding a --enable/disable option for each one. We
could do it that way too. This option triggers compile time
restrictions, the default is to use runtime selections based on the
.gnashrc file.
> Also, we want the runtime to know about what is not working and
> what not due to security issues.
I thought I added those kids of messages, we can always improve them.
I agree we want to distinguish between actual errors, and when people
are trying to use disable options.
- rob -
_______________________________________________
Gnash-commit mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/gnash-commit
