»Q« schrieb:
Mozilla Messaging inherited a lot of stuff from previous Mozilla Suite and Thunderbird developers, including a security model which hadn't been maintained for years and was no longer usable.
And that the JavaScript we had in mailnews was a security problem had been known for quite some time before Mozilla Messaging came along and we knew that we couldn't ship a major version of SeaMonkey or Thunderbird with it, as we had no clear investigations that showed that JavaScripts in emails couldn't take over the client itself - which is a clear security problem as those JavaScripts are executed when you read HTML mail in 1.x and you only realize they are a problem when the attack has already been successful.
Robert Kaiser _______________________________________________ support-seamonkey mailing list [email protected] https://lists.mozilla.org/listinfo/support-seamonkey
