Extension security?



Hi all,

I may be missing something, but the really nifty extensions site prompted me to ask this, are there not potential security issues with extensions being able to be installed by clicking on a webpage? Ans since extensions are able to modify the way the UI behaves, could someone not make one that steals users' info, make screenshots, steal passwords (like emulating the login screen for example), etc?

I'm sure you thought of all this so I be interested in knowing how you protect us (sandboxing, limiting the things API can do, not allowing access to the HD except thought given functions, etc).

Thanks,
Gabriel


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]