
List:       gnash-dev
Subject:    Re: [Gnash-dev] Extensions and GNASHRC
From:       Eric Hughes <eh () narthex ! us>
Date:       2007-05-25 17:03:18
Message-ID: 6.0.0.22.2.20070525105321.02996ec0 () mail ! narthex ! us

At 10:43 AM 5/25/2007, Sandro Santilli wrote:
>Comments welcome.

The "correct" default, from a security point of view, is always "do 
nothing", because then there's no risk of malfunction.  Leaving extensions 
off by default is just fine, and is likely the right way to behave permanently.

Now turning them back on in the way you've done, well, I don't think it's 
a long-term solution.  But you weren't looking for one.  It'll do for now.

The long-term issue is granularity of authorization and the algebra of 
grants of such.  The variable "EnableExtensions" might be sufficient to 
enable them for any .SWF (certainly the wrong thing) or might be necessary 
for enablement, requiring some other grant (possibly OK) or might be 
removed in favor of another mechanism.  I see no need to decide now.

Eric



