|
|
|
|
|
|
by icebraining
4407 days ago
|
|
|
The thing is, parts of the app might need access to the hard drive, but that doesn't mean the whole app needs it. For example, your email client as a whole needs hard drive access, but the email parser just needs a channel to receive the messages and return a data structure, so you can isolate it and then if an email is sent that tried to explore some bug in the parser that achieved code execution, it still couldn't delete or read your files. For example, see the Chromium architecture: http://www.chromium.org/developers/design-documents/multi-pr... |
|
|