Nils,
What "implementation issues" are you concerned about? Anything specific?
JavaScript *does* have a Java-like sandbox. In fact, the JavaScript sandbox
is more restrictive than the Java sandbox, since JavaScript has no built-in
support for file access (for example), as Java does. What features are
"potentially dangerous" is a matter of interpretation. In general, we
consider the ability to read or write files on a user's hard drive, or to get
most information about the configuration of your browser, or to send email in
your name, to be dangerous functions, and JavaScripts can do none of these.
The list in the previous post represents things that JavaScript can do which
are not necessarily dangerous but are either annoying (like generating pop-up
advertisements) or minor violations of your privacy which most Web browsers
are guilty of (revealing what version of the browser you're running, what
language you prefer to read pages in, and how big your screen is, to name a
few). While we can and should prevent these annoyances and minor privacy
violations (and that's what we're discussing in this newsgroup thread), you
are already protected from the more serious security problems you may have
read about.
I am planning to enable the privacy features in the previous post via a
single checkbox, as you suggest, but in the meantime, please be aware that
there is a sandbox, as good as Java's, IMHO, and it does protect you from all
but the more trivial violations of your privacy.
-Mitch
PS. This is a good opportunity to point out that popup blocking and that sort
of thing stretches the definition of security a bit. Yes, multiple popups
could definitely be called denial-of-service, but in general, seeing a popup
ad has not compromised your security or revealed private information, which
are the main things we're trying to prevent. Please don't interpret this to
mean that we shouldn't be working on popup blocking and other content
filtering. I'm just saying we should treat content filtering as something
related to but separate from security.
-M
Nils Ellmenreich wrote:
> Mitchell Stoltz wrote:
> >> The `Allow scripts to do the following' tree contains the following:
> >> [/] Open windows by themselves
> >> [ ] Move or resize existing windows
> >> [ ] Flip over or under other windows
> >> [/] Detect when I leave a page
> >> [/] Change status bar text
> >> [/] Load images or other objects
> >> [/] Set cookies
> >> [/] Read cookies
> >> [/] Access my History
> >
> > This is a great list. While we're at it, can any helpful readers suggest
> > any more things that users will want to block from this panel?
>
> I usually have JavaScript disabled because of several security/privacy
> implementation issues in the past. Would it be possible to disable all
> potentially dangerous functions (with one checkbox) so that it would be
> relatively safe to use JS even if new implementation bugs are
> discovered? I think along the lines of the ghostscript interpreter that
> can disable all file operations that may be included in a postscript
> file. I'd be willing to pay for it in terms of loss of functionality.
>
> But I'm no JavaScript expert. Maybe the above list already comprises all
> these features. I'd just feel better if JavaScript could be confined in
> a Java-like sandbox ... ;-)
>
> Cheers, Nils
--
-------------------------------------------
"I need your help to get back to the year Nineteen Eighty-Five." --Marty
McFly
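The per-item preference list and the single "disable everything" checkbox discussed in this thread, sketched as a deny-by-default capability gate. This is an added example, not code from the thread or from Mozilla; the capability names, the host object and the sample page are all constructed for the demo and are not real preference keys or browser APIs.

```javascript
// Added example (not from the thread or from Mozilla): deny-by-default gate
// over the "Allow scripts to do the following" list, with one master switch.
// All names and the host object are constructed; none are real browser APIs.
const CAPABILITIES = Object.freeze(["openWindows", "moveResizeWindows",
  "raiseLowerWindows", "detectPageLeave", "changeStatusText", "loadObjects",
  "setCookies", "readCookies", "accessHistory"]);

// Every capability is off unless explicitly allowed; the master switch
// overrides per-item choices, so a stray "allow" cannot leak through.
function makePolicy({ restrictAll = false, allow = {} } = {}) {
  const policy = {};
  for (const cap of CAPABILITIES) policy[cap] = !restrictAll && allow[cap] === true;
  return Object.freeze(policy);
}

// Wrap the host so each privileged call is checked against the policy;
// refused calls are logged rather than silently dropped (an audit trail).
function gateHost(raw, policy) {
  const denied = [];
  const guard = (cap, fn) => (...args) =>
    policy[cap] ? fn(...args) : (denied.push(cap), undefined);
  return {
    denied,
    open: guard("openWindows", (url) => raw.open(url)),
    setCookie: guard("setCookies", (c) => raw.setCookie(c)),
    getCookie: guard("readCookies", () => raw.getCookie()),
    history: guard("accessHistory", () => raw.history()),
  };
}

// Constructed stand-in for the real window object (there is none in Node).
function fakeHost() {
  const state = { windows: [], cookie: "", history: ["p1", "p2"] };
  return {
    state,
    open: (url) => state.windows.push(url),
    setCookie: (c) => (state.cookie = c),
    getCookie: () => state.cookie,
    history: () => state.history.slice(),
  };
}

// Run a constructed page that tries each gated call once; report the outcome.
function runPage(policy) {
  const host = fakeHost();
  const w = gateHost(host, policy);
  w.open("popup.html"); w.setCookie("id=1");
  return { state: host.state, cookie: w.getCookie(), history: w.history(), denied: w.denied };
}
```

With the master switch on, every call in the sample page is refused and recorded; with only `openWindows` and `readCookies` allowed, the popup opens and the (still empty) cookie is readable, while writing cookies and reading history are refused.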