
Re: [Public WebGL] WebGL Extensions

Vladimir Vukicevic wrote:
> Hm, I thought we didn't have this which is where the confusion came from, but looks like Chris put it in a while ago:
> https://cvs.khronos.org/svn/repos/registry/trunk/public/webgl/doc/spec/WebGL-spec.html#5.14.14
> Maybe it's just missing a sentence or two at the end explaining that extensions are WebGL specific, and if WebGL is built on top of an underlying OpenGL driver, that driver's extensions will not necessarily be exposed?
IMHO, it is essential that WebGL does NOT expose underlying driver
extensions by default.  The reason being one of security.

Suppose something in the underlying OpenGL driver opened up a
vulnerability on the client computer - some means for evildoers to get
into the machine and install malware or whatever.  If WebGL exposed that
vulnerability by default - then a simple JavaScript hack on a website -
or even in an HTML email - would be all that would be needed to turn it
into a usable exploit.

The big problem would be that there would be no simple way to close that
loophole promptly because it would require the cooperation of the OpenGL
driver authors - who normally do not have to worry too much about
exposing vulnerabilities since OpenGL programs are installed and run by
the owner of the computer.  They might not even WANT to close the
loophole - on the grounds that desktop applications are no worse off.

On the other hand, if WebGL is picky about which extensions it exposes,
then it's easy to remove access to an extension by changing one line in
a table someplace...we could even (in an emergency) tell people how to
disable the extension themselves by a per-extension checkbox in the
'about:config' page.  That would be a handy feature for application
debuggers anyway ("How does my application run without the yadda-yadda

  -- Steve
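
The allowlist table and per-extension switch described in the message above, sketched as an added example that is not part of the original post or any browser's code. The table rows, the preference key format and the sample driver string are constructed for illustration.

```javascript
// The "table someplace": each row is one reviewed extension.
// Flipping `enabled` to false is the one-line change that removes access.
const EXTENSION_ALLOWLIST = [
  { webglName: "OES_texture_float", driverName: "GL_ARB_texture_float", enabled: true },
  { webglName: "OES_standard_derivatives", driverName: "GL_OES_standard_derivatives", enabled: true },
  { webglName: "EXT_texture_filter_anisotropic", driverName: "GL_EXT_texture_filter_anisotropic", enabled: false },
];

// Hypothetical per-extension user preference key (about:config style).
function prefKey(webglName) {
  return `webgl.extension.${webglName}.disabled`;
}

// Driver extension strings are space-separated; match whole tokens only so
// that "GL_FOO" never matches "GL_FOO_bar".
function parseDriverExtensions(driverString) {
  return new Set(driverString.split(/\s+/).filter(Boolean));
}

// Names a page may see: reviewed, enabled, not user-disabled, driver-backed.
function getSupportedExtensions(driverString, prefs = {}, table = EXTENSION_ALLOWLIST) {
  const driver = parseDriverExtensions(driverString);
  return table
    .filter((row) => row.enabled)
    .filter((row) => prefs[prefKey(row.webglName)] !== true)
    .filter((row) => driver.has(row.driverName))
    .map((row) => row.webglName);
}

// Default-deny lookup: anything not in the filtered list yields null,
// including raw driver extension names passed in directly.
function getExtension(name, driverString, prefs = {}, table = EXTENSION_ALLOWLIST) {
  return getSupportedExtensions(driverString, prefs, table).includes(name)
    ? { name }
    : null;
}

// Constructed driver string; GL_VENDOR_unreviewed_feature is a made-up name.
const SAMPLE_DRIVER_STRING =
  "GL_ARB_texture_float GL_OES_standard_derivatives " +
  "GL_EXT_texture_filter_anisotropic GL_VENDOR_unreviewed_feature";
```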
