Bug#748342: iceweasel: please keep sandbox code for EME/CDM DRM plugins out of Iceweasel builds

Martin Steigerwald Martin at lichtvoll.de
Fri May 16 12:04:20 UTC 2014

Am Freitag, 16. Mai 2014, 13:42:01 schrieb Sylvestre Ledru:
> On 16/05/2014 13:34, Martin Steigerwald wrote:
> > Mozilla Foundation is about to introduce a new way to load proprietary and
> > potentially unsafe code within the browser.
> Like flash or the sun-java applet plugin ?

How do you come to the conclusion that these are *new* ways to load 
proprietary and potentially unsafe code within the browser? As far as I can 
think back these have been there.

And how do these long existing ways to do that justify adding a new way to do 
it – instead of getting rid of the old ways as soon as possible.

Aside from that Adobe Flash and Sun Java may at least be used for something 
non DRM related as well while EME / CDM is specifically targetted at DRM and 
thus closed code which my even be protected by laws which make put the work of 
security researchers at risk. Read the second link in my bug post.

Martin 'Helios' Steigerwald - http://www.Lichtvoll.de
GPG: 03B0 0D6C 0040 0710 4AFA  B82F 991B EAAC A599 84C7

More information about the pkg-mozilla-maintainers mailing list