|
|
|
|
|
|
by rbanffy
5087 days ago
|
|
|
I like the idea of assigning permissions to applications. Then if browser B runs under user U, its effective permissions would be the intersection of what both B and U are allowed to do. I don't see why Firefox should be able to write anything outside ~/.mozilla/firefox and ~/Downloads |
|
|
I'm not sure what profile Firefox runs under, but what you suggested would be quite reasonable, though maybe not as default -- You probably want to be able to "save as" to an arbitrary directory, and open files for upload from anywhere too. Though since both of those involve a user dialog, that could easily be a secondary application with its own profile that uses IPC/shared memory/something to pass data to the browser. Smaller target attack area.