Hacker News new | ask | show | jobs
by barrybe 5296 days ago
NaCl is nice and all, but it's better to have something that works perfectly fine on top of Javascript/HTML5, rather than only inside NaCl.
1 comments
cheald 5296 days ago
HTML5/Javascript can't do raw socket operations, which is the big obvious downside here.
link
wmf 5296 days ago
NaCl intentionally has the same sandbox, same security model, and same I/O capabilities as JS. In this case, NaCl would still be limited to XHR or WebSocket.
link
cheald 5296 days ago
Ah, I didn't know that. How does naclssh do it, then? It seemed like it was going far more low-level than the standard sandboxed security.
link
DougBTX 5296 days ago
From the snippet you posted above, it looks like it depends on a "websocket-to-socket proxy".
link
cheald 5296 days ago
Aha, okay. Misunderstanding on my part, then!
link
bdonlan 5296 days ago
Sure, but they can also add a new API for raw socket operations.
link
burgerbrain 5296 days ago
This would undoubtedly be a bad idea. There is a reason it doesn't already exist.
link
bdonlan 5296 days ago
I'm not saying open it up to just anything, but if this is for ChromeOS, they could certainly grant access to manually-installed extensions (not extension gallery extensions) and/or to OS components.
link
krallja 5296 days ago
"Install this app* to get 10 free cows in FarmVille!"

* Note: App may include port scanner. Do not look directly into the operational end of the port scanner.

link
calcnerd256 5296 days ago
but a proxy can
link