by alangpierce
2738 days ago
I wonder if it's reasonable in the long run for third-party libraries to run under a restricted permissions model with explicitly-granted capabilities. Just like how it's unreasonable to expect an end-user to audit the code of a phone app they install, it seems almost as unreasonable for a developer to need to audit the code of every third-party library they use. For example, if a library can't access the clock, then it wouldn't be able to implement this sort of "time bomb" behavior. You could also of course limit cookies, XHRs, etc. Certainly a bit hard to know how it would work from a technical standpoint, but I think if done well it would make diligence a lot more manageable.