Hi, >> Still, it's can be correctly designed to really lower the risk (or >> even eliminate it). > > I don't believe the risk can be eliminated entirely. There will always be > unacceptable risk if you execute native code generated at runtime from an > untrusted source. How about a very well maintained open source piece of software, such as Firefox, WebKit and WebKit2 (http://trac.webkit.org/wiki/WebKit2), as a source of that generated native code at runtime? This would immensely help verifying the emitter of such a code and take the appropriate action, if needed. -Ilyes Gouta >> It's changing. HTML5 and JS are going to be the front-ends for such >> remote services provided by those cloud platforms. And these are the >> standard way (vs. Adobe's Flash for example) to deliver a rich >> experience to the end-user, right in his browser, and IMHO we should >> support that. > > Well, that's not what HTML, nor the underlying HTTP, was designed for. I > don't see it as being an appropriate platform for software at all. (And I > don't see plugins such as Flash as being the solution either. I believe this > needs a completely different protocol, e.g. NX is something going in that > direction.) > > And IMHO, as a Free Software distribution, we should do all we can to > promote Free Software installed on the end user's machine where he/she has > full control (freedom!) over the software rather than remote services, web > or otherwise. > > Kevin Kofler > > -- > devel mailing list > devel@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/devel > -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
