On Mon, 2011-02-14 at 10:35 -0500, Daniel J Walsh wrote: > We can prevent lots of stuff, you could run your firefox session in > sandbox or even multiple firefox sessions within multiple sandboxes, > We can prevent executable/writable memory checks, we can confine > mozilla_plugin and nsplugin but most of these have to be turned off > because things can break. The burning questions in my mind about confining Firefox and plugins are: Is it hard to nail it down because it's hard to work out what to restrict or not? Are Firefox and plugins doing lots of things that they shouldn't really be doing? My suspicion is that there's a lot of bad programmers that think it should be allowed to do anything without restriction, and they'll expend more energy into protesting restrictions than they'll put into writing better code. -- [tim@localhost ~]$ uname -r 2.6.27.25-78.2.56.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
