[tahoe-dev] How to use Caja to solve the same-origin policy hazard (hosting both webapps and untrusted content in Tahoe)
Ted Rolle Jr.
stercor at gmail.com
Sat Jul 30 08:36:03 PDT 2011
You are not alone in your perception of Java.
Um...I can say this because I've never learned Java and have little
knowledge of JavaScript.
This alone qualifies me as an expert in these subject areas. ;-}
However, if Caja provides more security, we should at least look at it.
In my experience, code becomes stable and reliable after the third rewrite.
It's the issue of security vs. convenience: you can't have both.
There is much good JS code in Tahoe-LAFS. But as in any large project,
there is probably code that needs to be examined for its utility and
"currentness". This rarely happens when programmers are under a deadline
(read: 1.9.0).
Paraphrased quote from Albert Einstein:
"Make things as simple as possible, but not simpler.[1]"
Ted
[1] http://en.wikiquote.org/wiki/Albert_Einstein
On Sat, Jul 30, 2011 at 11:06 AM, Zooko O'Whielacronx <zooko at zooko.com>wrote:
> Dear Kevin:
>
> Your letter fills me with internal conflict!
> .
>
.
.
> Zooko
>
> [1]
> http://tahoe-lafs.org/trac/tahoe-lafs/browser/trunk/docs/quickstart.rst
> _______________________________________________
> tahoe-dev mailing list
> tahoe-dev at tahoe-lafs.org
> http://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://tahoe-lafs.org/pipermail/tahoe-dev/attachments/20110730/da617bef/attachment.html>
More information about the tahoe-dev
mailing list