Comment by btrask
10 years ago
See the later quote:
> (It should also be possible to block or control access to each of these.)
The good news is that the capabilities of the sandbox don't need to be ever-expanding, the way browsers have been. The sandbox should support everything the hardware can do, and then there are policy decisions about what capabilities web pages actually get.
It should also be possible to disable JS. We all know how that worked out.
A better analogy is Android permissions. These days you can fake them and apps mostly still work, right?
I think the security model on Android 6 is now different. You can grant permission to use the camera for 10 minutes, etc.
> The sandbox should support everything the hardware can do
Until you can emulate a hardware GPU in software at the same performance point, your sandbox is unusable. The web is more than text.
At this point the sandbox is indistinguishable from your OS.
The difference is priorities. By separating them, your OS can be fast and featureful, and your sandbox can be secure. Better yet if there are several competing, portable sandboxes, so you can choose the best OS and best sandbox separately.