[Dev] D-Bus bindings for Crosswalk, Crosswalk extensions in Python

Patrick Ohly patrick.ohly at intel.com
Fri Sep 12 15:37:40 GMT 2014

On Fri, 2014-09-12 at 16:04 +0300, Von Dentz, Luiz wrote:
> Hi Zoltan,
> On Fri, Sep 12, 2014 at 3:05 PM, Kis, Zoltan <zoltan.kis at intel.com> wrote:
> > This way one could prototype very fast and deploy apps/extensions and
> > test user interest: if it's high enough, could do a native extension
> > to make it somewhat faster (but I doubt it would be much faster, or
> > better said, with less latency).
> >
> > Technically this will not be a significantly better solution than
> > writing native extensions. Hosting Cloudeebus in the browser process
> > will not work because security reasons (or need to include a security
> > manager too which identifies and restricts apps). If we drop this,
> > then 2 serializations need to be done anyway, one to/from D-Bus, and
> > one to/from the JS shim. But indeed would result in somewhat less code
> > to be written in certain/many extensions, and don't have to deal with
> > mainloop integration issues since this one will be solved by the
> > addition. So this would be very useful, ideal for prototyping, and
> > even production in many cases, but cannot cover everything
> > exclusively.
> The security reasons have been state a few times already but no one
> have explained, Patrick said the access control should work normally
> as any other application so are this reasons still applicable?

They are not.

What Zoltan meant is hosting Cloudeebus in the shared browser process.
That would save one IPC hop, but for security reasons such an approach
is undesirable.

In the current solution, Cloudeebus is hosted in the per-app extension
processes. The number of IPC hops is the same as in manually written
extensions, that's why its technically comparable to those.

Best Regards, Patrick Ohly

The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent Intel's position on the issue, nor am I authorized to speak
on behalf of Intel on this matter.

More information about the Dev mailing list