On 2/1/12 2:41 PM, Paul Libbrecht wrote:
> Android goes somewhat in this direction with its app-security model...
With all due respect, the app-security model on Android is a joke.
Everyone just clicks through the permissions grant without even reading
what's being requested, because _every_ app asks for a bunch of
permission grants up front and won't run until you grant them. Any
random game wants permission to do arbitrary internet access (as
mentioned earlier on this thread, already a security hole if you happen
to be behind a firewall when you run the game), listen to your phone
conversations, read your address book, etc. Perhaps they do have some
sort of rarely-used features that require such access, but the model
forces them to ask for all the permissions immediately... and the user
is trained to just accept.
>> - Access to RAM at runtime, to a limit
> I don't know how well such limits are handled by browsers, I've seen a lot of
> browser crashes for these reasons. Pointer?
Several JS engines have heap size limits and stack size limits and will
throw exceptions when either is reached.
Any browser running web content in a separate process can impose global
RAM limits on that process if desired (ulimit on Unix-like OSes, but
Windows has similar functionality).
>> - CPU time when in background, to a limit
> Same thing, the user-warning on slow script is not that limit!
Apart from timeout throttling UAs are not doing much here yet. I expect
they will do more.
>> There's plenty of things we can do to make the Web platform more
>> compelling and a better competitor to native apps, but adding "installing"
>> isn't one of them. That would in fact take one of the Web's current
>> significant advantages over native apps and kill it.
> When you consider the success of app-stores, I think that I do not share this
> view.
Indeed.
-Boris
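The per-process RAM limit mentioned above (ulimit on a separate content process), shown as an added example that is not part of the thread: it assumes a Linux/Unix host and uses Python's resource.setrlimit, the same mechanism ulimit configures, to cap the address space of a forked child and report whether an allocation inside that cap succeeds.

```python
import os
import resource

MEGABYTE = 1024 * 1024


def run_with_ram_limit(limit_mb, alloc_mb):
    """Fork a child, cap its address space at limit_mb, and try to
    allocate alloc_mb inside it. Returns "ok" or "memory_error".

    The cap applies only to the child; the parent is unaffected, which is
    the same isolation a browser gets from a separate content process."""
    limit = limit_mb * MEGABYTE
    alloc = alloc_mb * MEGABYTE
    read_end, write_end = os.pipe()
    pid = os.fork()
    if pid == 0:  # child: the "content process"
        os.close(read_end)
        try:
            # Soft and hard limit both set; lowering is always permitted.
            resource.setrlimit(resource.RLIMIT_AS, (limit, limit))
            buf = bytearray(alloc)  # fails with MemoryError past the cap
            msg = b"ok" if len(buf) == alloc else b"short"
        except MemoryError:
            msg = b"memory_error"
        os.write(write_end, msg)
        os._exit(0)
    # parent: collect the child's verdict and reap it
    os.close(write_end)
    data = os.read(read_end, 64)
    os.close(read_end)
    os.waitpid(pid, 0)
    return data.decode()


if __name__ == "__main__":
    # Constructed sizes: 64 MB fits under a 1 GB cap, 4 GB does not.
    print("64 MB under 1 GB cap:", run_with_ram_limit(1024, 64))
    print("4 GB under 1 GB cap:", run_with_ram_limit(1024, 4096))
```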