[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Anyone else notice that Swen is slowing down?

On Thu, 02 Oct 2003 17:47:02 -0400, Daniel B. <dsb@smart.net> penned:
> Mike Mueller wrote:
>> ....  It seems that the safest form of information push is
>> unformatted text.  
> Wouldn't it be sufficient to limit the formats to those that don't have
> the expressive power to command the receiver to do arbitrary things?  
> For example, HTML can't hijack a browser (or HTML-capable e-mail reader)
> with scripting turned off, can it (ignoring buffer-overflow bugs)?
> Similarly, executable formats like Java, which has a comprehensive
> security model, would be better if you ever really did need to deliver
> executable code.  (No, I didn't say Java implementations are perfect, 
> but there are a lot more layers of security to break through.)

Even then, you send a jar file and most systems won't be able to use it
just by clicking (although I think OS X users can).

But uh ... java *can* have security features turned on, but in general,
if you run a java app, you have full read/write access to the system,
not to mention full network access.  Java applets are generally
sandboxed, but java apps are not.

Please respond to the group OR to my email, but not both.  (Group preferred.)

Reply to: