Date: Mon, 12 Jan 2004 19:54:47 +0100
To: Richard Jones <rich at annexia.org>
Cc: lablgtk at kaba.or.jp
Subject: Re: Render into an existing XWindow ID?
Message-ID: <20040112185447.GA29481 at iliana>
References: <20040111155334.GA14026 at redhat.com> <20040112091805.GA1067 at gallu.homelinux.org> <16386.28767.842624.81425 at akasha.ijm.jussieu.fr> <20040112101349.GA20669 at redhat.com> <20040112110450.GA23990 at iliana> <20040112152156.GA838 at redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
In-Reply-To: <20040112152156.GA838 at redhat.com>
From: Sven Luther <sven.luther at wanadoo.fr>

On Mon, Jan 12, 2004 at 03:21:56PM +0000, Richard Jones wrote:
> On Mon, Jan 12, 2004 at 12:04:50PM +0100, Sven Luther wrote:
> [running OCaml programs embedded in a browser plugin]
> > That would be really great.
> 
> Sort of :-)
> 
> Not actually very useful I think.  I was only doing it as an
> experiment, and FWIW it's not working at the moment.

Well, maybe trying to run it on galeon which has a gtk+ interface ?

> There are some problems I can think of:
> 
> * You still need the whole OCaml environment checked out and up
>   to date on the client machine, so this isn't really seamless
>   client-server computing.  In fact, in some ways OCaml is worse
>   because it's very sensitive to having the precise matching libraries
>   before anything will run.

Oh, isn't ocaml-base enough ? And you can check for the version of
everything at runtime, i think.

Ideally, the plugin would publish a set of modules and versions it
provides, and when a applet (or whatever you call it) is downloaded it
can check for them or something such.

> * Security - none: it's easy to create malicious bytecode with
>   OCaml, so you wouldn't want to run untrusted bytecode under
>   any circumstances.

Yeah, sure. Altough i guess that some certificate (or gpg signing or
something) thingy could be done.

Another idea is to run the ocaml engine in a specific user, so nothing
too serious can happen. I am no security specialist though.

But i guess that if the other things are solved, they would be serious
interest in providing the needed security infrastructure or something.

I am sure someone already looked into this in the MMM era.

> Anyway, if I come up with anything which works, I'll be sure to post a
> message about it!

Thanks,

Friendly,

Sven Luther