Security - other options to mediator running a webserver? Named pipes? #107
digitalsignalperson
started this conversation in
General
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
From what I understand, the brotab_mediator runs an HTTP server, so anyone on localhost could access/manipulate the browsers running the extension. But the mediator itself communicates directly with the browser over stdio.
Different levels of access restriction might be desired, like by user account, or say sandboxing the browser & cli environment with bubblewrap.
Perhaps the mediator could use some other IPC like named pipes.
Any thoughts on this?
Beta Was this translation helpful? Give feedback.
All reactions