« Understanding Adobe | Main | Many, many Beacons »
December 03, 2007
Sandboxes, natural and artificial
Sandboxes, natural and artificial: This article in "Redmond Developer News" came up in a web search, based on a line about AIR and some browser plugins "removing the sandbox". The article itself is confusing, referring to "sandbox" many times in the first few paragraphs without defining what the author believes the term means. I think the thrust of the article is that too few Microsoft-oriented developers are using the artificial security distinctions built into the Microsoft stack, and so are writing insecure applications. But equating that "trusted zone" or "managed code" approach with hard-wired security constraints seems misleading to me. In the browser, Adobe Flash Player sticks to rich-interactivity tasks, and there is no command available to muck around with the hard drive. It's a relatively shallow layer of universal functionality. The desktop Adobe Integrated Runtime does add file-manipulation abilities, but has careful constraints on invocation of native code. The Microsoft approach, since the early days of Internet Explorer, has been to integrate the full Microsoft stack, from operating system up through email and web. Flash offers universal support for a shallow layer, providing a natural sandbox; Microsoft has focused on hyperintegration with their entire software stack, introducing complex artificial barriers between layers of functionality. If external developers are avoiding those artificial separations when programming against the Microsoft stack, then that's not a good thing. I don't think their situation is comparable to AIR, though.
Posted by JohnDowdell at December 3, 2007 11:03 AM
Trackback Pings
TrackBack URL for this entry:
http://weblogs.macromedia.com/mtadmin/mt-tb.cgi/9168