On Wed, Sep 03, 2008 at 07:04:05AM -0700, Leslie Wu wrote: > While it's great that Processing.js and the like exist, to be really bold > and experimental, we (in the advanced prototyping / research / hacking > space) need to dip and dive deeper than modern notsofreaky sandboxes allow, > and hope that HacketyHackers won't be confined to such small but Flashy > spaces.
On the note of sandboxing, I think Chrome has made me ditch my prior ideas about how I want to handle security in Shoes. (Because that's the big problem here, not a bunch of little platform bugs.) I don't think I'm going to use the sandbox extension after all. It's too experimental for right now and not generic enough should I end up supporting Rubinius of Ruby 1.9 or anything else. I think Chrome (and Yahoo's BrowserPlus) have a fundamentally nice idea: keep the interpreter in its own process and then sandbox the process. I'm thinking something like a cross-platform Sandboxie (see: sandboxie.com) which emulates a filesystem and socket environment for each process. This keeps it nice and generic and doesn't require a complex API. The API would be much like the popen3 extension, basically. With a config describing which services to cut/redirect, I guess. I still think Shoes is best suited to compete with GUI toolkits (since they are just so lousy) rather than to take on Flash. But once Shoes is solid, I hope to get cracking on the security stuff and, well, who knows what's in store after that. _why
