osnr
Security audit, especially of C code?
My main reservation about experimenting with such a powerful & clever thing involves potential security concerns.
Every extension is a little worrisome, but in general open-source plus sufficient-community-of-users plus browser-store-review plus browser-security-boundaries will put me at ease.
But, a custom C-language filesystem, and specifically one that gets pushed JSON data derived from any untrusted website, gives extra pause.
Has the FS code been subjected to any/some/much intense review for security risks? Could it be, on either a volunteer or contracted/crowdfunded basis? Its small size & relative low-rate-of-change even as browser-visible features grow suggest a one-time (or very occasional) bounded effort/cost could offer a long period of peace-of-mind.
