[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Child killing UI (was Re: Reliability of RPC services)
From: |
Marcus Brinkmann |
Subject: |
Re: Child killing UI (was Re: Reliability of RPC services) |
Date: |
Fri, 28 Apr 2006 14:30:54 +0200 |
User-agent: |
Wanderlust/2.14.0 (Africa) SEMI/1.14.6 (Maruoka) FLIM/1.14.7 (Sanjō) APEL/10.6 Emacs/21.4 (i486-pc-linux-gnu) MULE/5.0 (SAKAKI) |
At Fri, 28 Apr 2006 13:49:38 +0200,
Pierre THIERRY <address@hidden> wrote:
>
> [1 <multipart/signed (7bit)>]
> [1.1 <text/plain; us-ascii (quoted-printable)>]
> Scribit Marcus Brinkmann dies 28/04/2006 hora 01:51:
> > > I'm not sure if the powerbox shoudl allow such potentially malicious
> > > behaviour: if the resource is for a plugin, shouldn't the powerbox
> > > be able to tell the user that the plugin indeed will be the
> > > recipient of the capability?
> > It can't, because it is the powerbox of the browser. The plugin does
> > not have its own powerbox.
>
> Why?
Bas explained it, but let me at some more detail.
You could let the browser ask the shell to start the plugin. In this
case, _if_ the shell complies (which would require authorization by
the user, direct or indirect), then the plugin would get its own space
bank reserve, powerbox etc, and would exist co-equal to the browser,
with some communication channel between them.
However, we don't think of the plugin as co-equal to the browser, so
that's not the design pattern we want to use.
I also think that things are much more manageable for the user if as
much coordination between processes is localized among them. The user
doesn't necessarily know what a plugin is or does, so we should leave
all this stuff to the browser.
But, having said that, I also think, at least provisionally, it is
useful to let the browser _advise_ the user about the planned use of a
resource like a file, from the powerbox (with all the caveats we
agreed upon already - like making clear that the browser may not
cooperate etc).
Thanks,
Marcus
- Re: Process Management (was: Re: Reliability of RPC services), (continued)
- Child killing UI (was Re: Reliability of RPC services), Pierre THIERRY, 2006/04/27
- Re: Child killing UI (was Re: Reliability of RPC services), Marcus Brinkmann, 2006/04/27
- Re: Child killing UI (was Re: Reliability of RPC services), Pierre THIERRY, 2006/04/27
- Re: Child killing UI (was Re: Reliability of RPC services), Marcus Brinkmann, 2006/04/27
- Re: Child killing UI (was Re: Reliability of RPC services), Pierre THIERRY, 2006/04/28
- Re: Child killing UI (was Re: Reliability of RPC services), Bas Wijnen, 2006/04/28
- Re: Child killing UI (was Re: Reliability of RPC services),
Marcus Brinkmann <=
- Re: Child killing UI (was Re: Reliability of RPC services), Bas Wijnen, 2006/04/28
- Re: Child killing UI (was Re: Reliability of RPC services), Pierre THIERRY, 2006/04/28
- Re: Child killing UI (was Re: Reliability of RPC services), Jonathan S. Shapiro, 2006/04/28
- Re: Reliability of RPC services, Bas Wijnen, 2006/04/25
- Re: Reliability of RPC services, Bas Wijnen, 2006/04/25
- Re: Reliability of RPC services, Jonathan S. Shapiro, 2006/04/25
- Re: Reliability of RPC services, Bas Wijnen, 2006/04/25
- Re: Reliability of RPC services, Tom Bachmann, 2006/04/25
- Re: Reliability of RPC services, Jonathan S. Shapiro, 2006/04/25
- Re: Reliability of RPC services, Bas Wijnen, 2006/04/25