[tor-bugs] #10280 [Firefox Patch Issues]: Torbrowser shouldn't load flash into the process space by default
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Feb 11 21:50:52 UTC 2014
#10280: Torbrowser shouldn't load flash into the process space by default
-------------------------------------+-------------------------------------
Reporter: mikeperry | Owner:
Type: enhancement | Status: needs_review
Priority: normal | Milestone:
Component: Firefox Patch | Version:
Issues | Keywords: tbb-testcase,
Resolution: | MikePerry201402R
Actual Points: | Parent ID:
Points: |
-------------------------------------+-------------------------------------
Comment (by mikeperry):
Replying to [comment:25 cypherpunks]:
> I believe many of these problems are ultimately the result of bad
software engineering. There is a reason you have a Requirements Document,
and a Design Document. Bad News when combining the two into one. The
Requirements document specifies WHAT, a Design Document specifies HOW.
>
> By putting them together you lock your implementation, and make it
difficult to determine what is a functional defect. For instance, if you
had a Requirements document, this discussion would not be necessary.
Oh yeah, here's a good idea: let's clutter this bug up some more by going
meta and arguing about the design document and how many different pieces
of paper we should have filed with the appropriate standards bodies in
triplicate...
"You have just leveled up. You are now a Level 23 Bureaucrat.
Congratulations on your studious attention to rigid processes!" ;).
In all seriousness though, I actually don't believe your claims to be the
case at all. If these documents were separate (really they already nearly
are - the requirements and implementation already are in separate
sections), we *still* would not have had a requirement that plugins not
have been loaded into the address space, only that plugins must be audited
and restricted such that they can meet our privacy and security
requirements, or that they be prevented from running by default if they
cannot. Just as we specify now.
So no, having two pieces of paper instead of just one would not have saved
us from this argument. This is an argument about a highly nuanced
implementation detail, and if that detail mattered enough for us to write
a patch for it.
Thankfully, bobnomnom saved us from endless argument by just writing a
patch. Let's not drag it meta-meta now, if we can avoid that, please.
Bob - I will review your patch as soon as possible. At a glance, it looks
like we have to localize it still though. I might be able to do that
myself, but it will mean it may be delayed a little more. Please be
patient.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10280#comment:27>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list