On Mon, Sep 21, 2015 at 8:48 PM, Eric Shepherd <esheph...@mozilla.com> wrote:
> Eric Rescorla wrote: > > I think there are some fairly obvious issues here, including: > > - There are obvious sensitive files you shouldn't upload under > basically any conditions. > - It's hard for the client to know what the implications of any directory > upload are > because they may not know what's in a given directory. > > I'm not a big fan of "the user is stupid and we have to protect him" as an > argument. :) > Conveniently, that's not what I said. There's lots of stuff that's in people's directories that they're not readily aware of, including dotfiles, missaves, etc. > There are a lot of genuinely valid use cases for this feature; yes, > security concerns should definitely be considered, but it's important to be > clear that if you want to address security concerns, or kill off the > feature entirely. > What's needed here is a real security assessment. That might lead to some sort of security mediations, and might also lead to the conclusion that it needs to be killed. But the first thing to do is an assessment. So far I haven't seen one. -Ekr _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
