[whatwg] Device Element
Glenn Maynard
glenn at zewt.org
Sun Jan 9 12:33:42 PST 2011
On Sun, Jan 9, 2011 at 7:21 AM, Bjartur Thorlacius <svartman95 at gmail.com> wrote:
> So, OS permissions are too complex, so you figure it's best to build
> another permission system on top of the existing ones? Why?
> The nuisance-prevention may be implemented by browsers, but privilege
> escalation to e.g. broader file access is clearly the OS' job.
File access control is currently, very clearly and very deliberately,
handled by the browser: web pages can only access files the user gives
to the page by selecting them in form input boxes. What you're
actually saying is that this should be removed, web pages should be
able to access any local file that the OS user account the script is
running as has access to, and that users should control what files
they want web pages to access by modifying the operating system's
ACL's to grant and revoke access to web pages.
--
Glenn Maynard
More information about the whatwg
mailing list