On Fri, 2007-12-07 at 14:51 +0100, Christopher Aillon wrote: > On 12/07/2007 02:45 PM, seth vidal wrote: > > On Fri, 2007-12-07 at 14:34 +0100, Christopher Aillon wrote: > >> Figured I'd forward this over here, as it's pretty interesting stuff... > >> > >> > >> email message attachment (DBus Bindings for Javascript.eml) > > > > > >> I've been working on writing DBUS bindings for Mozilla > >> Javscript. The goal of this project is to make it possible for > >> XUL and extension developers to integrate with the Linux > >> desktop. > >> > > > > If this ever gets into fedora it defaults to off and comes with giant > > flashing warnings when you turn it on. The last thing I want is some > > arbitrary javascript being able to escape the browser and send messages > > to the rest of my system. > > > This is for the JavaScript that runs as part of the browser, or in > installed extensions. With system (local user) privileges. It already > has full power to do whatever you can, including manually invoking > dbus-send, or emailing your password information to bad guys. Of > course, nobody would install an extension that would do these evil > things, right? I knew there was a reason I turn javascript off in most cases. :) -sv -- Fedora-desktop-list mailing list Fedora-desktop-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-desktop-list
