Shaver made the component manager scriptable and we are now exposing the component manager via 'Components.manager' (in addition to the newly available access to the thing via 'getService'. I plan to build a native proxy around the component manager and reflect that proxy into JS - never the raw component manager. That way we can still do component manager specific securty checks even when JS code make direct calls on the wrapped native object. Alternately, we could not even bother and force the security manager to filter *all* method calls to get this level of protection.

Added dogfood and PDT+ annotations. Establishing non-crypto security ASAP is quite vital, as it will likely involve infrastructure manipulation. We want to avoid any late-term destabilization... so we want this arriving with dogfood RSN. Thanks.

marking this non dogfood because we have no security policies that would both expose this proxys object AND want to protect access through it. This proxy object is a way to get calls to go through existing filters. Its presence or absense will not have any effect on the filter user. We'll fix this later after doing more important stuff.

Moving all XPConnect QA contact to rginda

Jband: We need a milestone for this bug, please.

This bug has not been touched for more than nine months. In most cases, that means it has "slipped through the net". Please could the owner take a moment to add a comment to the bug with current status, and/or close it. Thank you :-) Gerv

mass reassign of xpconnect bugs to dbradley@netscape.com

Removing Rob as QA contact