Andrew Lentvorski wrote:
Well, I'm kinda irritated that this *isn't* already the way things work.
Indeed. But it takes time to make such major architectural changes. Especially in something so ridiculously complicated as a modern web browser.
Unfortunately, it's still not clear how this avoids the whole "snag your windowing system mouse and keyboard events" problems which are the most dangerous.
By what mechanism would a malicious webapp or plugin snag your window system mouse and keyboard events? I know it possibly could, I'm just wondering exactly how that works and whether there is a capability wrapping it where the security policy could check it.
-- Tracy R Reed http://tracyreed.org -- KPLUG-List@kernel-panic.org http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
