On Mon, Sep 21, 2015 at 3:58 PM, Jonathan Watt <jw...@jwatt.org> wrote:
> On 21/09/2015 19:57, Eric Rescorla wrote: > >> On Mon, Sep 21, 2015 at 11:23 AM, Jonas Sicking <jo...@sicking.cc> wrote: >> >> Note that this, similarly to clipboard integration, is already exposed >>> to the web through flash. So the main goal of this feature is to >>> enable developers to migrate off of flash and instead use Gecko. >>> >>> >> I'm not sure that this is the right standard. The reason that we are >> removing >> Flash is that people are sad about some things in Flash. So I think we >> need >> to replicate enough of Flash to get people to stop using it, but that >> doesn't >> mean we need to have it be bug-for-bug compatible with every feature Flash >> has, including features we think are bad. >> > > I don't think directory picking is bad - there are many sites with > legitimate uses There are lots of features with legitimate uses which are also dangerous. For instance, it would be convenient to be able to get access to your camera and microphone without a prompt. I think there are some fairly obvious issues here, including: - There are obvious sensitive files you shouldn't upload under basically any conditions. - It's hard for the client to know what the implications of any directory upload are because they may not know what's in a given directory. > . I think it's right that we need to think about the security implications > though, and members of the security team have been looped in to consider > these issues. > This seems like a procedural response, not a substantive one. Where is the security analysis for this feature? -Ekr _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
