tag:blogger.com,1999:blog-1015214236289077798.post7612199807054655843..comments2024-03-24T17:13:53.855-07:00Comments on TenFourFox Development: Sandboxin' Safari on PowerPC (because plugins can't be trusted, and neither can you)ClassicHasClasshttp://www.blogger.com/profile/17331846076856918359noreply@blogger.comBlogger14125tag:blogger.com,1999:blog-1015214236289077798.post-30703142286302486972015-10-30T17:25:15.364-07:002015-10-30T17:25:15.364-07:00No, simply trashing it is sufficient to uninstall ...No, simply trashing it is sufficient to uninstall it. It's self contained.ClassicHasClasshttps://www.blogger.com/profile/17331846076856918359noreply@blogger.comtag:blogger.com,1999:blog-1015214236289077798.post-75576034750011124742015-10-28T23:37:30.672-07:002015-10-28T23:37:30.672-07:00Just out of pure curiosity (and my apologies in ad...Just out of pure curiosity (and my apologies in advance if I'm not even supposed to be asking this much...): if one installs SandboxSafari and later decides to remove it, is there anything more to it than trashing the app and moving on?Unexpected Billhttps://www.blogger.com/profile/17136787443738948395noreply@blogger.comtag:blogger.com,1999:blog-1015214236289077798.post-56088862226645584072015-10-14T09:41:13.284-07:002015-10-14T09:41:13.284-07:00I'm not sure what the hangup is, but they have...I'm not sure what the hangup is, but they have more to port than just the core Gecko code and there might be something there problematic with gcc 4.6 that our shim does not cover.ClassicHasClasshttps://www.blogger.com/profile/17331846076856918359noreply@blogger.comtag:blogger.com,1999:blog-1015214236289077798.post-8010074823417730332015-10-14T09:40:33.604-07:002015-10-14T09:40:33.604-07:00Although I sympathize, I don't use Leopard, so...Although I sympathize, I don't use Leopard, so it wouldn't be me for certain.ClassicHasClasshttps://www.blogger.com/profile/17331846076856918359noreply@blogger.comtag:blogger.com,1999:blog-1015214236289077798.post-33485414481046989982015-10-09T07:58:57.946-07:002015-10-09T07:58:57.946-07:00You mentioned the classic environment. Speaking of...You mentioned the classic environment. Speaking of which I've always wondered if it was possible to produce a build of SheepShaver that is both optimized for Leopard and PPC (and doesn't crash every 5 seconds on PPC like current SheepShaver) as a solution for Leopard's lack of classic. Of course it would require a lot of coding and I'd be considered more of an amateur coder (written a few AppleScript apps and coder HTML) and I assume you're pretty busy as is.Anonymoushttps://www.blogger.com/profile/09011845999814793165noreply@blogger.comtag:blogger.com,1999:blog-1015214236289077798.post-36329953167502876862015-10-08T05:57:25.573-07:002015-10-08T05:57:25.573-07:00TenFourBird has yet to issue an update since 31.8....TenFourBird has yet to issue an update since 31.8.x. This is unusual. I wonder when and if this will happen?kphttps://www.blogger.com/profile/03222352777872766575noreply@blogger.comtag:blogger.com,1999:blog-1015214236289077798.post-42617837412806703792015-09-28T13:53:03.787-07:002015-09-28T13:53:03.787-07:00It uses whatever WebKit framework is installed on ...It uses whatever WebKit framework is installed on the system.<br /><br />As far as incremental GC, enough people reported problems that I'm not planning to disable it.ClassicHasClasshttps://www.blogger.com/profile/17331846076856918359noreply@blogger.comtag:blogger.com,1999:blog-1015214236289077798.post-63910341714052114322015-09-28T08:05:51.948-07:002015-09-28T08:05:51.948-07:00---
Lastly, final soap-box on this, but whatever y...---<br />Lastly, final soap-box on this, but whatever you decide for web-videos, can't say enough good about basing on youtube-dl. <br /><br />I watch the Nightly Show with Larry Wilmore through my player and last week an update to their site broke compatibility and the youtube-dl team had it fixed in 3 days. These guys are relentless! They are stating Python 2.7.6 support for at least 3 more years and good compatibility for probably 5. That keeps Tiger in the video-loop for quite a while. Very easy to implement. Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-1015214236289077798.post-4668044027887677492015-09-28T07:50:29.624-07:002015-09-28T07:50:29.624-07:00That is very cool.
You mention updating to WebK...That is very cool. <br /><br />You mention updating to WebKit/TenFourKit for 10.4, so does this call that app if present, and fallback to Safari if not? <br /><br />Oh, BTW - on the TFF front, left a comment about problems with gstatic fonts last week. Those problems/hangs are gone when I re-enable Incremental GC. When it is off, sites that call gstatic fonts seem to hang and the browser becomes unresponsive. (Dual 1.42 G4 2GB of RAM).Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-1015214236289077798.post-75189672674597768282015-09-27T22:54:16.749-07:002015-09-27T22:54:16.749-07:00No, I get it from the perspective of protecting th...No, I get it from the perspective of protecting the library and cache, but an exploit would not limit itself to those locations and nothing really keeps it there. If someone injected shellcode or managed to grab expanded privileges in the Flash or Java runtime, all bets are off as to where they would be able to get (anywhere the user has permission), unless I misunderstand your approach.<br /><br />The nice thing about the unprivileged uid method is that nobody can't write to ~/Library, period. In fact, it doesn't even have a home directory it can write to (/var/empty is owned by root:sys), let alone its own Library folder.ClassicHasClasshttps://www.blogger.com/profile/17331846076856918359noreply@blogger.comtag:blogger.com,1999:blog-1015214236289077798.post-61155732310820675252015-09-27T22:36:07.309-07:002015-09-27T22:36:07.309-07:00It simply locks the following files with a 'tr...It simply locks the following files with a 'try' command, so WebKit/Safari cannot store anything:<br />~/Library/Safari<br />~/Library/Cookies<br />~/Library/Caches/com.apple.Safari/Webpage Previews<br />~/Library/Caches/Metadata/Safari<br />~/Library/Caches/Safari<br />~/Library/Caches/WebKit<br /><br />Then the URL is passed to WebKit. The nice thing is that the caching then rests completely in RAM, so is much faster than disk caching and on closing there are no footprints left to get sniffed out by spywear later.<br /><br />Have also completely disabled Safari Password System and Java. Has proven to be useful for many things that TFF cannot do easily (like retrieving an Apple ID).<br /><br /> I REALLY wish someone would make a .webarchive addon for Firefox. Mht sucks.<br /><br />Super Cool concept here you have.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-1015214236289077798.post-74119343521526649122015-09-27T19:39:26.164-07:002015-09-27T19:39:26.164-07:00How do you mean, "locks the folder"? I&#...How do you mean, "locks the folder"? I'm unclear what that prevents, but maybe there's something else there to consider.<br /><br />I don't want to give SandboxSafari the ability to write *any* file. Then it can't be subverted.ClassicHasClasshttps://www.blogger.com/profile/17331846076856918359noreply@blogger.comtag:blogger.com,1999:blog-1015214236289077798.post-50893183242992563802015-09-27T15:32:43.512-07:002015-09-27T15:32:43.512-07:00Very Cool Idea C.K.
I wrote an Applescript that ...Very Cool Idea C.K. <br />I wrote an Applescript that does something very similar (locks 'Safari' folder to prevent security leaks and sends pages to WebKit from TFF with a hotkey).<br /><br />This is much more elegant. The only extra option/feature that 'Might' be worth adding is the ability to save a page as a webarchive. The page-saving in Firefox (.mht) is not as easy/functional, and this might allow easier saving in the future.<br /><br />Awesome concept and cool icon too.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-1015214236289077798.post-76548902757711923312015-09-23T11:26:35.412-07:002015-09-23T11:26:35.412-07:00Thank you, this is really a good idea. Works much ...Thank you, this is really a good idea. Works much faster than opening Safari itself or TFF 17. Hint (not a bug report): Refresh problems (on 10.5 only) e.g. on http://www.adobe.com/software/flash/about/ can be mitigated by resizing the window a bit, forcing it to re-draw. The weird stuff going on in the menu bar on 10.5 we'll have to live with because it's running as a different user with Apple's defaults for keyboard input and menu bar transparency.Anonymousnoreply@blogger.com