Jeremy Nicoll wrote: > songbird wrote: ... >> but what i do is set where files are saved in a >> specific directory and leave it at that > > That works fine while you can be sure that a browser is only > saving downloaded files. What about when if can do anything > it likes to any file/folder?
i'm trusting the developers of the browser just like everyone else who uses it. javascript has always been an issue, i don't see that changing. if you are paranoid about that kind of access then the OS does let you set things up to be doubly sure (different users and groups) and there are even security protocols that go even further. i don't bother with them. Debian itself is also another web of trust that us users rely upon. i consider it similar enough to what happens at firefox devs that i don't really worry about it. songbird
