Olivier Cornu: > I haven't checked the project in the last couple years, yet in the past GM > had to deal with significant security issues. > As so many projects it grew from a few hacks and ended much wider than ever > intended, with the usual design and coding scars. But the main obstacle was > that it introduced a new level of privilege between embedded javascript and > chrome code, which was not intended to exist in firefox and impossible to > enforce in pure javascript. It was long the case that, although relatively > safe when used properly, it could quickly be used in unsafe ways -- even in > good faith. Thanks for raising these aspects I did not consider earlier on. :) -- Lunar <lunar@xxxxxxxxxxxxxx>
Attachment:
signature.asc
Description: Digital signature
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk