[icedtea-web] Idea - do not start ITW applets automatically
Adam Domurad
adomurad at redhat.com
Fri Jan 18 11:33:55 PST 2013
On 01/18/2013 06:47 AM, Jiri Vanek wrote:
> [..snip..]
> Yy, this pop up is definitely first step. (but imho it should be
> already accomapanied by always/never/ buttons and radio swithch
> applet/page/domain
IMO just applet for starters, easier to fully test before pushing out.
>
>>
>> Can't applets be smaller than a comfortable button size (and
>> potentially hidden somewhere) ?
>
> exactly - one of the reasons of this mechanism, that invisible appelt
> is not launched without warning. Imho 0x0 size appelts should be even
> more restricted (but 1x1 appelt is still in same way dangerous .. :-/
> (so probably no op)
> Maybe we can write size to the information dialogue;) 0x0 px should be
> saspicious to everybody (we can add explaining message also)
Might be worthwhile, although I don't think many people would know what
to do with this information.
>
>> If we do go the route of having a details button in the applet, I
>> think we'll have to still implement a size threshold. For small
>> applets I think we shouldn't risk cramming in detail.
>
> Agree, What about three thresholds then? eg >100px - full info in
> applet's pane, 100-20 details button, lesser direct popup.
Probably, by the final iteration.
>>
>> I think for applets big enough having the confirmation details on the
>> applet itself would be great -- in fact this would be an improvement
>> even for accepting applet signatures in my opinion (although we may
>> risk dropping important details). But, small applets (<100px) should
>> always have a pop-up I think.
>
> Interesting idea :)
>
>>
>> Since a page can have many small applets, I think we should add a
>> site to a 'temporary whitelist' once you accept an applet can run,
>> and all applets on the page run. They will continue to run if you
>> enter the site in the same session (a malicious applet will
>> immediately do something nasty the first time -- no significant
>> further risk I'd think of running it twice). Same way if you reject
>> an applet, it will reject all applets on this page in the current
>> session (possibly with message on applet "Applet denied for current
>> session".)
>
> Also interesting - if first appelt will be ok for page/domain then
> others really could be launched autoamticaly.
> But what if there will be first, some nice animation/game, and lower
> will be some malicious invisible one?
Ya good point, should be per-applet. The white/black-list will need to
be per-applet too (only setting for iteration 1 at least), which I
hadn't considered. We'll probably have to use the concept of applet
'unique key' here.
>
> Also I'm not sure if t will be possible to implement it correctly.
>
>
> J.
More information about the distro-pkg-dev
mailing list