Re: What ever happened to "shared frameworks"?
Re: What ever happened to "shared frameworks"?
- Subject: Re: What ever happened to "shared frameworks"?
- From: Shaun Wexler <email@hidden>
- Date: Tue, 23 Sep 2003 13:55:35 -0700
On Sep 23, 2003, at 1:27 PM, Charles Srstka wrote:
When 10.0 was still in beta, and this feature was first being talked
about, a friend of mine once raised a concern about the security of
this feature. You would only need to write an app that had a malicious
version of that framework, and anyone who had the app on their machine
could have other applications start doing malicious things.
Maybe that is why they have not implemented the feature.
What I would rather see happen to them is just the opposite... if an
app package contains SharedFrameworks, they are registered with the
system, and are added to the OS-default framework search paths. Any
embedded framework would take precedence over those in other app's, or
in other domains, but if none were embedded, the OS would try its
search paths in the three domains, then all other app's for
SharedFrameworks until a match is found. That wouldn't absolutely
prevent maliciousness, but would ensure that only apps without their
required frameworks embedded would be at risk.
--
Shaun Wexler
MacFOH
http://www.macfoh.com
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.