E. Liddell wrote:
> It also has an obsolete Javascript engine and an uncertain number of
security holes
I'd argue that since it supports a very limited portion of JavaScript
and apparently none of the modern Web APIs like WebRTC, WebAssembly
etc., the attack surface is actually smaller. The only disadvantages
from a security standpoint would be effective lack of eyes and work on
the source (the obvious disadvantage being, of course, a browser stuck
in time).
> Webkit
Looks like the least evil choice to go for TDE. Upstream versions seem
to offer decent rendering and boast good privacy, and it can be
integrated deeply with TQt/TDE.
> its fork Blink
Bulky, with questionable privacy, dependent on Google's choices but
seemingly very secure (sandboxing, process separation). Does not
integrate really well with the system (includes its own graphics stack
and does not integrate with any toolkit at all).
> and QT5's repackage of Blink's core as WebEngine
Probably out-of-date with latest Blink, so not a very safe choice.
> Gecko and its fork Goanna
Last I checked there was still no decent sandboxing in Firefox for
Linux. Also, there is no working embedding API AFAIK with either Gecko
or Goanna.
> Choose your poison
Yes, that about sums it up all.
____________________________________________________
tde-users mailing list -- users@xxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxx
Web mail archive available at https://mail.trinitydesktop.org/mailman3/hyperkitty/list/users@xxxxxxxxxxxxxxxxxx
