Bug#748342: iceweasel: please keep sandbox code for EME/CDM DRM plugins out of Iceweasel builds
Martin at lichtvoll.de
Fri May 16 12:04:20 UTC 2014
Am Freitag, 16. Mai 2014, 13:42:01 schrieb Sylvestre Ledru:
> On 16/05/2014 13:34, Martin Steigerwald wrote:
> > Mozilla Foundation is about to introduce a new way to load proprietary and
> > potentially unsafe code within the browser.
> Like flash or the sun-java applet plugin ?
How do you come to the conclusion that these are *new* ways to load
proprietary and potentially unsafe code within the browser? As far as I can
think back these have been there.
And how do these long existing ways to do that justify adding a new way to do
it – instead of getting rid of the old ways as soon as possible.
Aside from that Adobe Flash and Sun Java may at least be used for something
non DRM related as well while EME / CDM is specifically targetted at DRM and
thus closed code which my even be protected by laws which make put the work of
security researchers at risk. Read the second link in my bug post.
Martin 'Helios' Steigerwald - http://www.Lichtvoll.de
GPG: 03B0 0D6C 0040 0710 4AFA B82F 991B EAAC A599 84C7
More information about the pkg-mozilla-maintainers