[sugar] Web activity not containerized?
Michael Stone
michael at laptop.org
Sat Dec 22 16:35:35 EST 2007
Bert,
Xulrunner hardcodes the use of permissions like 0600 and 0700 all
throughout its code-base. This means that, when Browse stores its
profile information (SSL certs, web cache, ...) in $SAR/data, many
operations fail during the second launch of Browse.
See
http://wiki.laptop.org/go/Concurrent_activity_instances
for some of the gory details of how we tried to work around the problem
and failed.
Help in solving this problem in a maintainable way would be most
appreciated. (It is widely felt that patching xulrunner to use different
permissions will be fragile and unmaintainable unless the upstream
xulrunner folks are willing to accept the patch. Based on this view,
Marco, Simon, and I have contacted several Moz. folks seeking advice on
how to proceed.)
Michael
On Sat, Dec 22, 2007 at 09:23:22PM +0100, Bert Freudenberg wrote:
> Hi Marco,
>
> just saw your commit to take the Web activity out of its security
> container. What's the motivation behind that? Wouldn't the browser be
> particularly advised to run in the safest manner possible?
>
> - Bert -
>
>
> _______________________________________________
> Sugar mailing list
> Sugar at lists.laptop.org
> http://lists.laptop.org/listinfo/sugar
More information about the Sugar
mailing list